Pedro, Did you mean Section 3, not Section 4?
Section 4 does not talk about certificate lifetimes at all, but covers similar long-standing requirements imposed by other root programs directly. Naturally, the CA Communications doesn't cover the many existing Mozilla requirements that are also part of the ballot, and have never been covered by versions of the BRs, in a manner similar to the change in lifetime, and only seems to focus on the requirements either implicit to Mozilla or explicit in other programs. On Sun, May 3, 2020 at 7:58 AM Pedro Fuentes via dev-security-policy <[email protected]> wrote: > > Hello, > this commentary it's quite obvious and probably unnecessary, but I would just > say that the controversy that section 4 of the survey is raising is simply > because many of us have the feeling that this change of certificate lifespan > should have come by means of a ballot and a new version of the BR, and not in > the way it's happening, with imposed deadlines. > Best, > Pedro > > El jueves, 30 de abril de 2020, 0:48:08 (UTC+2), Kathleen Wilson escribió: > > All, > > > > I have drafted a potential CA Communication and survey, and will greatly > > appreciate your input on it. > > > > https://wiki.mozilla.org/CA/Communications#May_2020_CA_Communication > > > > Direct link to read-only copy of the draft survey: > > https://ccadb-public.secure.force.com/mozillacommunications/CACommunicationSurveySample?CACommunicationId=a051J000042AUSv > > > > Purpose: > > - Communicate Mozilla's expectations about what CAs should do when > > audits, revocations, or other requirements are impacted by COVID-19 > > restrictions. > > - Remind CAs about deadlines in version 2.7 of Mozilla’s Root Store Policy. > > - Collect CA input on limiting TLS cert lifetimes. > > - Collect CA input on the draft CA/Browser Forum Browser Alignment Ballot. > > > > Thanks, > > Kathleen > > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
