I suggest to make the requirement „* The PKCS#12 file must have a sufficiently secure password, and the password must be transferred via a separate channel than the PKCS#12 file.” binding for both transfer methods and not be limited to physical data storage. Otherwise I agree with this proposal.
Enrico _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
