Nelson B wrote: > I think that's fine in terms of stating the qualifications. However, > I think there are also procedural questions/issues to be addressed. > > During his term as administrator of the Root CA cert policy, Gerv created > a questionnaire that he routinely asked CAs to answer in their applications. > I think it would be good to publish that along with the formal policy. > > To handle EV CAs, that questionnaire needs to be extended slightly. > It needs to ask, for each root cert being put forward, whether that cert > will be a root for EV certs, and if so, what is the EV policy OID that > will be used in all EV certs that chain up to that root? > Good point! So I don't think that this should be part of the policy. But perhaps we need some agreed guidelines and practices concerning the process of CA acceptance. This would guaranty that the process would be performed always according to the same regulations and wouldn't depend on a specific person. I think Gerv has structured and standardized that process quite a bit and this should be somewhere nailed down a bit....just in case Gerv goes on some long-term vacation to the Bahamas or such ;-)
-- Regards Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org> Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]> Blog: Join the Revolution! <http://blog.startcom.org> Phone: +1.213.341.0390 _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
