Frank Hecker:
Eddy Nigg (StartCom Ltd.) wrote:
That's nice, but how can *I* also know about it? Would it be possible to
confirm it at the bug (that only EV certificates will be issued from
that root ) and remove the OV attribute from
http://www.mozilla.org/projects/security/certs/pending/#Entrust ?
My apologies, I didn't exactly get what you were asking. Yes, I'll make
a note about this in the bug and in the pending list, and get confirmation.
I peaked already at the bug and continue to respond to the inclusion
request as it seems to be clear that non-EV certificates may be issued
from this root and the governing CP/CPS is
http://www.entrust.net/CPS/pdf/webcps051404.pdf
Therefore I'd like to request clarification and verification about how
domains are validated by the RAs, since the CPS isn't clear in that
respect. Please note that Gerv in the original inclusion request perhaps
missed that point and I must have been asleep as well or just started to
regularly review inclusions back then.
Refence is 3.1.8 from the CPS:
Registration Authorities operating under the Entrust SSL Web Server
Certification Authorities
shall determine whether the organizational identity, address, and domain
name provided with an Entrust
SSL Web Server Certificate Application are consistent with information
contained in third-party databases
and/or governmental sources.
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto