The main difference as I read it, is a weakening of the requirement by adding "reasonably available", which effectively changes the requirement from a MUST to a SHOULD. Is that the intended interpretation?
Den tir. 15. nov. 2022 kl. 00.33 skrev Ben Wilson <[email protected]>: > All, > > This discussion thread relates to the GitHub Mozilla PKI Policy Issue #249 > <https://github.com/mozilla/pkipolicy/issues/249>. > > Here are the currently proposed changes to item 7 of Mozilla Root Store > Policy (MRSP) section 3.3 > <https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#33-cps-and-cpses> > : > > *Effective December 31, 2022,* CA operators SHALL maintain links * in > their online repositories* to * all reasonably available historic* older > versions of each CP*s* and CPS*es* (or CP/CPS*es*) *from the creation of > included CAs*, regardless of changes in ownership or control of *such* the > root CA*s*, until the entire root CA certificate hierarch*ies*y *(i.e. > end entity certificates, intermediate CA certificates, and > cross-certificates)* operated in accordance with such documents *are* is > no longer trusted by the Mozilla root store. > > The proposed changes are meant to clarify the requirement. > > Thank you, > > Ben > > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZn1_XF4XBQVp-eqWDC9Eke4iXX%3D774t0K%3DeHqXtOCv5w%40mail.gmail.com > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZn1_XF4XBQVp-eqWDC9Eke4iXX%3D774t0K%3DeHqXtOCv5w%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CACAF_WhoFZH9uYPqji_1fF5WDAovwCqMd1xM%3DpvWdb%2B2--nMUQ%40mail.gmail.com.
