> I think this is a vote for the status quo, in which we have been accepting > CAs that don't meet the guidance provided under 'who may apply'
Perhaps slightly less strong than that. I think Mozilla should be willing to consider accepting them if there is a compelling reason to do so. “Why aren’t you running/participating in a private PKI?” should always be the first question, with the recognition that there are valid answers to that question. -Tim
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy