Thanks Ryan, actually simplification applies only to the organisational infrastructure and allows us to concentrate on two major players: CABs and accreditation bodies.
Why we need this? If we succeed with minimal requirements for both players, it should help to harmonise the root program requirements. Although it does require significant efforts, but both the accredition and certification rely on the same semi-formalised "conformity assessmens scheme" concept, which methodologically is very close to CP/CPS for CAs. Thanks, M.D. On Thu, Apr 7, 2022, 18:01 Ryan Sleevi <[email protected]> wrote: > Hi Moudrick, > > I appreciate the comments, but this seems a fairly extreme simplification, > and doesn’t seem to be accurate? > > I don’t doubt that, with multiple years of effort, deep legal advice, and > careful investigation, we might be able to find a way to compare these as > apples to apples. > > But that seems like a significant investment, and it’s unclear the > benefit? Why do we need a simplified model here? > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAMMZRrxceL23%2BU6%2BMg0vBDLV4-GLRuqWHrb5EfxV5SpEpm65Ng%40mail.gmail.com.
