We do understand the issues raised and instead of addressing each one
separately we would give a shorter answer:
We do agree that mistakes were made with this rootCA and we understand your
We also believe that our current CPS state is well and that we made a lot of
progress and we are in a good position today with the CPS which is according to
We take your recommendation and we consider generating a brand new root with a
new key pair that will run only on the new CA software – whilst providing all
the audits and needed information as requested.
We need to know for certain before we initiate such a process that doing so
would be accepted by you and Ryan, and that we could continue from this point,
rather than starting over again at the beginning of the process.
dev-security-policy mailing list