Another consideration I want to through into this discussion is to have
a potential change to the Mozilla CA policy concerning yearly
re-auditing requirement. Re-auditing on a yearly or by-yearly basis has
been brought up a few times at various occasions. One of the arguments
against this requirement was the almost impossible task to follow
through with it, a burden almost impossible to manage by the existing
team and capabilities.
Since EV already has such a requirement and other browser vendors
requires it too (MS, Opera), it might be not unreasonable to make it a
requirement of Mozilla as well. The tool I offered and suggested would
make it possible to govern such a requirement with a minimal effort. I
think this thought to be worth for consideration (both the tool and the
re-auditing requirement). Suggestions?
--
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto