2018. december 13., csütörtök 7:35:32 UTC+1 időpontban Dean Coclin a következőt írta: > My opinion: > The CA/B Forum Baseline Requirements only apply to certificates which chain > to publicly trusted roots. This is made clear in the preamble of the > document: > > This document describes an integrated set of technologies, protocols, > identity-proofing, lifecycle management, and auditing requirements that are > necessary (but not sufficient) for the issuance and management of > Publicly-Trusted Certificates; Certificates that are trusted by virtue of the > fact that their corresponding Root Certificate is distributed in > widely-available application software. > > The BRs do not apply to certificate issuance from non publicly trusted > hierarchies. > Dean CoclinCA/B Forum Vice-Chair > >
Dear All, thank you for your answers. I confirm the followings: - Microsec operates Test hierarchies consisting of test root CA-s and test intermediate CA-s which are used exclusively for test purposes. - Microsec has never issued and will never issue any live certificates from these test systems. - the test root CAs has never been and will never be submitted for inclusion in the Mozilla root program or in any other root programs - Microsec never issues test certificates for the purpose of domain validation according to the BR 3.2.2.4.9 for life TLS certificates By keeping these rules Microsec may issue test certificates with validity exceeding the 30 days. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
