Yair, Will you please provide a detailed response to each of Ryan's points? Also, please provide the specific version of the RSA Certificate Manager in use by ComSign.
Thanks, Wayne On Mon, Jan 29, 2018 at 8:43 AM, YairE via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > Hi Ryan, > > I noticed that your notes refer to a previous version of the CPS and not > the current one > here is a link to the current version which is 4.1. > https://s3-us-west-2.amazonaws.com/comsign/CPS/CPS_4.1_eng.pdf > > About the CA software – we are now under auditing for our new Microsoft CA > and it will take at least 4-6 months until it will be approved for full > usage. > We do understand that the Microsoft CA is much better and secure but we > still ask of you to approve our root considering the fact we are at the > last steps of implementing the Microsoft CA > We are under heavy pressure from customers that are using Mozilla to allow > them SSL and we were waiting too much until we reached this point > Even if we receive that you acknowledged for 6 month to continue the > current CA – it is good for us. > > Yair > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
