I've gone ahead and removed references to ETSI TS 101 456 and TS 102 042 from the 2.6 branch of the policy: https://github.com/mozilla/pkipolicy/commit/49a07119a1fd5c887d4b506f60e210fad941b26a
- Wayne On Tue, Mar 27, 2018 at 12:44 PM, Wayne Thayer <[email protected]> wrote: > There has been a lot of confusion about the transition to the new > standards, and I believe that this change makes it clearer that Mozilla no > longer accepts audits based on the older ETSI standards. > > On Tue, Mar 27, 2018 at 4:28 AM, Julian Inza via dev-security-policy < > [email protected]> wrote: > >> European Conformity Assessment Bodies are nowadays issuing Audit >> Certificates aligned with EN 319 401, EN 319-411-1 and EN 319 411-2 >> standards. >> >> There is no need to explicitly deny validity to previous standars, >> because as Jakob states, they can reflect the chain of audits. >> >> In fact, TS 102 042 and TS 101 456 are basically the same standards, but >> instead of changing only the version number, ETSI opted to renew the full >> reference code, more in the approach of IETF for RFCs. >> >> The Mozilla rule also is aligned with CAB Forum Baseline Requirements for >> the Issuance and Management of Publicly-Trusted Certificates and Extended >> Validation SSL Certificate Guidelines, and any change to those documents >> would need a ballot. >> >> This is the kind of confusion that I hope to avoid. Mozilla policy is not > aligned with the BRs now that Mozilla does not accept TS 102 042 and TS 101 > 456 audits. > > Regards, >> >> Julian Inza >> >> >> > _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
