Thank you for sharing this information Scott. On Wed, May 15, 2019 at 2:49 AM Scott Rea <scott....@darkmatter.ae> wrote:
> > Please advise if additional information relating to this change is > required. > > As pointed out in earlier discussions about DarkMatter's QuoVadis-signed intermediates [1], and the policy 2.7 proposal that aims resolve this issue [2], it's not clear if section 8 of Mozilla policy applies to subordinate CA certificates, or only roots. Given the lack of clarity and enforcement to-date, I do not believe that the section 8.1 requirement for "...a public discussion regarding their admittance to the root program, which Mozilla must resolve with a positive conclusion in order for the affected certificate(s) to remain in the root program" should be applied to this change at this time. The information you provided will, of course, be considered as part of the ongoing distrust discussion that will continue in this thread. - Wayne [1] https://groups.google.com/d/msg/mozilla.dev.security.policy/xGGGaI1_uo0/e2e6RAEBBgAJ [2] https://groups.google.com/d/msg/mozilla.dev.security.policy/bWc70D8Kk6I/fafb9lXqCwAJ _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy