> > First, the cryptography license license is mandatory only for CAs (organizations who operate PKI facilities);
> You are operating a CRL & OCSP server in China, right?
We never operates the CRL and OCSP responders. But CA does(SSL.com can confirm it).
Don’t do the uncertain charge if no evidence. Please provide the wrong information source! Before you provide this malicious fabrication I’ll share no more information on your post anymore.
> > Secondly, There are many sole proprietorship (self-employed people) are also selling SSL digital certificates and running their own websites, which is totally unable to enroll ICP Registration License.
Cryptography license isn’t required for reselling business. For sure.
>> your post is completely weering off topic.
> I'm concerned with SSL.com CP/CPS 5.3.1. It claims "SSL.com verifies the identity and trustworthiness of all personnel, whether as an employee, agent, or an independent contractor, prior to the engagement of such person(s)."
> If an independent contractor operates illegally in his/her country, how can he/she be considered trustworthy?
SSL.com didn’t verify the Licenses and Permits. So,
there is no association between SSL.com CP/CPS 5.3.1 and conclusion in your words.
------------------ Original ------------------
From: John Liptak <[email protected]>
Date: Fri,Jun 16,2023 4:59 AM
Cc: Thomas Zermeno <[email protected]>, Xiaohui Lam <[email protected]>
Subject: Re: RCE used by Intermediate CA to issue certificates.
> First, the cryptography license license is mandatory only for CAs (organizations who operate PKI facilities);
You are operating a CRL & OCSP server in China, right?
> Secondly, There are many sole proprietorship (self-employed people) are also selling SSL digital certificates and running their own websites, which is totally unable to enroll ICP Registration License.
> your post is completely weering off topic.
I'm concerned with SSL.com CP/CPS 5.3.1. It claims "SSL.com verifies the identity and trustworthiness of all personnel, whether as an employee,
agent, or an independent contractor, prior to the engagement of such person(s)."If an independent contractor operates illegally in his/her country, how can he/she be considered trustworthy?
You received this message because you are subscribed to the Google Groups "[email protected]" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/tencent_2089AD709872010F473D3C01%40qq.com.
