Frank, right now there are three, maybe even four different CAs in the public discussion. I understand that the CAs are pressuring you to take action, however in order to seriously review the bug information, CP/CPS of the CAs, root certificates etc. as an effort from the community side, I think the current volume to be counterproductive.
Considering the fact that various issues were raised in the past during the public comment period, which had direct results on the outcome of the inclusion, including detection of non-adherence to the minimal requirements of the Mozilla CA policy but also other shortcomings which resulted in different actions and decisions, I think that this stage of the inclusion process is important. Also considering that I'm actively engaged and committed towards this effort, but also pretty much the only one doing it seriously, I can't guaranty to even briefly review the requests with such a volume. I think that by committing every two weeks another CA to the public comments period (or alternatively as you started to do, twice a one week period) we can include and process potentially 26 CAs per year. This should be sufficient by estimating the number of CAs which are more or less ready and have information collection complete. Please note that there are periods when no CA is in public discussion, for weeks sometimes, which is something which could be organized more efficiently. I suggest to reconsider the current push for inclusions and hold some CAs back until the first ones are processed. BTW, I'm usually investing (my free) time towards this effort at weekends and seldom during weekdays. This means that I haven't had a chance to look at any of the last three requests yet. -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
