Nelson Bolyard wrote: > Do we really want to allow this? > > Should this at least be a question that CAs must answer as they apply > for cert inclusion or EV status upgrades?
At a minimum, please add it to the "Questionable CA practices" document on the wiki. It doesn't sound particularly wise to me. What is the mechanism of transmission for the PKCS12 file? Unencrypted email? HTTPS? Gerv _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
