All, The purpose of this thread is to discuss any concerns or suggestions regarding a sentence in item 3 of section 2.2 in the Mozilla Root Store Policy <https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#22-validation-practices>. In Mozilla's PKI Policy repository in GitHub, Issue #253 <https://github.com/mozilla/pkipolicy/issues/253>, it is suggested that we replace lower case "must" and uppercase "SHOULD" with uppercase "MUST".
This sentence in MRSP section 2.2 would then read: The CA operator's CPS (or, if applicable, the CP or CP/CPS) must *MUST* clearly specify the procedure(s) that the CA employs, and each documented procedure SHOULD *MUST* state which subsection of 3.2.2.4 it is complying with. (See also https://github.com/BenWilson-Mozilla/pkipolicy/commit/389a73615e4658b49b346aeaecbb4dd8fca0c955 ) Any thoughts or suggestions? Thanks, Ben -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaby_pc1gFrS5JEyYb8p_8PCg%3DSTVkWbvyOQ4J%3DqNfiFBw%40mail.gmail.com.
