I suspect many smaller CAs are non-compliant too, for example gandi's CPS hasn't changed since 2009 according to its changelog.
https://www.gandi.net/static/docs/en/gandi-certification-practice-statement.pdf Cheers Rich. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
