Frank Hecker wrote:
> <p>This is the official Mozilla Foundation policy for CA certificates > -that it distributes with its software products:</p> > +that we distributes with our software products:</p>
"we distributes" reminds me of the old Popeye cartoons. :) Popeye talked like that.
Two questions about this draft:
1. Does this floor address the "Click Yes to continue" phenomenon? Should it?
2. Recently I encountered an SSL server cert from a low-assurance CA in which the cert's entire subject name consisted of the "Common Name" which was the server's domain name. There was no other information at all about the person/organization behind that cert. That seems like something mozilla's policy ought to address in its floor. IMO, that's not good enough for an SSL CA in mozilla's CA list. Agreed?
-- Nelson B _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
