Duane wrote: > > Hmmm so I take it no one has an issue with CAcert's root certificate > being included, or they don't feel qualified enough (make that allowed > by their employers as well) to give a personal opinion... Regardless of > the topic at hand we're always looking to improve our services to the > community, appearance, security, policies and any constructive > criticisms people have to offer will only make things better in general > for everyone. Everything decided on for CAcert, is done so in the most > open way possible via feedback and in-depth discussions, and if someone > has a thoughts on better methods on implementation/policies we're always > happy to incorporate those ideas into the framework of our site...
As I understand the meta-policy and policy (both still proposed drafts), your lacking a WebTrust or any other external audit means that the Mozilla Foundation would have to perform an assessment of your practices before including your CA certificate in the Mozilla database. That will depend on the availability of Foundation resources -- staff, time, and money. Note that the latter (money) cannot come from you since the policy says: "The Mozilla Foundation will not charge any fees to have a CA's certificate distributed with Mozilla." -- David E. Ross <http://www.rossde.com/> I use Mozilla as my Web browser because I want a browser that complies with Web standards. See <http://www.mozilla.org/>. _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
