On 11/04/2009 09:31 PM, Florian Weimer:
Does the CPS really say that? Where?
If you don't mind, the Mozilla CA Policy requires under section 7:
/for a certificate to be used for SSL-enabled servers, the CA takes
reasonable measures to verify that the entity submitting the
certificate signing request *has registered the domain(s) referenced
in the certificate /or/ has been authorized by the domain registrant
to act on the registrant's behalf*;/
Here is the link to the policy:
http://www.mozilla.org/projects/security/certs/policy/
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
XMPP: [email protected]
Blog: http://blog.startcom.org/
Twitter: http://twitter.com/eddy_nigg
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
