All, I have updated the draft policy <https://docs.google.com/document/d/1ESakR4MiwyENyuLefyH2wG8rYbtnmG1xeSYvDNpS-EI/edit?usp=sharing> to get it ready for incorporation into Mozilla's Root Store Policy, and to address comments that people provided in the document. I will greatly appreciate it if you will carefully re-review the document <https://docs.google.com/document/d/1ESakR4MiwyENyuLefyH2wG8rYbtnmG1xeSYvDNpS-EI/edit?usp=sharing> and provide feedback on it.
Additionally, I would like to begin discussing what sort of policy should be added in regards to making the revocation reasons available to certificate subscribers by the CA’s tools and documentation. Here's a rough draft to get this discussion started: ~~ The CA's subscriber agreement for SSL end-entity certificates MUST inform certificate subscribers about the following revocation reason options and provide explanation about when to choose each option. Tools that the CA provides to the certificate subscriber MUST allow for these options to be easily specified when the certificate subscriber requests revocation of their certificate, with the default value being that no revocation reason is provided. - keyCompromise - superseded - cessationOfOperation - privilegeWithdrawn ~~ Thanks, Kathleen -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/c822471d-016f-45ef-9602-0e09a141244cn%40mozilla.org.
