I like this one. It will be very useful as a starting point if we finally get a CABF S/MIME working group, which is likely to happen.
-Tim > -----Original Message----- > From: dev-security-policy [mailto:dev-security-policy- > [email protected]] On Behalf Of Wayne > Thayer via dev-security-policy > Sent: Monday, March 26, 2018 2:50 PM > To: mozilla-dev-security-policy <[email protected]> > Subject: Policy 2.6 Proposal: Require disclosure of S/MIME validation practices > > Mozilla policy section 2.2(2) requires validation of email addresses for S/MIME > certificates, but doesn't require disclosure of these practices as it does for TLS > certificates. > > I propose adding the following language from 2.2 (3) (TLS) to 2.2(2) > (S/MIME): > > The CA's CP/CPS must clearly specify the procedure(s) that the CA employs to > perform this verification. > > This is: https://github.com/mozilla/pkipolicy/issues/114 > > ------- > > This is a proposed update to Mozilla's root store policy for version 2.6. Please > keep discussion in this group rather than on GitHub. Silence is consent. > > Policy 2.5 (current version): > https://github.com/mozilla/pkipolicy/blob/2.5/rootstore/policy.md > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
