Frank Hecker wrote:
Ian G wrote re reviewing "incumbent" CAs in the pre-loaded CA
certificate list:
...
Whether
you *ever* have time is an open question, which is
just another reason why I think inevitably there will
be a drift towards an asymmetric CA policy (where
not all CAs are equal). It's the only way to manage
the divergent requirements, economically speaking.
By "asymmetric CA policy" are you referring to the issue of how we
treat incumbent CAs vs. new applicants, or to some other division of
CAs into different classes?
Just a point of clarification, I am referring to the
general division of CAs into whatever class we
pick. Such as trusted or untrusted, American,
Eurooean, other, industry specific or broad based,
expensive or cheap, new or old, reviewed recently
or not.
That is, the notion that "all CAs are the same" is
being replaced with "all CAs are different."
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
