On Mon, Apr 2, 2018 at 9:28 PM, tom.prince--- via dev-security-policy < [email protected]> wrote:
> On Monday, April 2, 2018 at 7:12:19 PM UTC-6, Wayne Thayer wrote: > > In section 2.3 (Baseline Requirements Conformance), add a new bullet that > > states "Before being included, CAs MUST provide evidence that their root > > certificates have continually, from the time of creation, complied with > the > > then current Mozilla Root Store Policy and CA/Browser Forum Baseline > > Requirements." > > When I first read this, I parsed it as saying that the only root needs to > comply with the policy at the time of creation (and not at later points in > time). I don't have any suggestions on how to make it clear that the root > needs to have complied at each time with the policy in force at that time. > <https://lists.mozilla.org/listinfo/dev-security-policy> > Maybe this is clearer? In section 2.3 (Baseline Requirements Conformance), add a new bullet that states "Before being included, CAs MUST provide evidence that their root certificates have, from the time of creation and continually thereafter, complied with the then current Mozilla Root Store Policy and CA/Browser Forum Baseline Requirements." _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
