> To answer your question: no, there are no rules for the withdrawal of
> CA licences. Strictly spoken, there even are no rules for the licensing
> of CAs: the federal agency operating the root CA cannot reject a licence
> if hardware, software and the CA's security concept have been evaluated.
> This is bad and the responsible people know about this but...
Do I understand you correctly: Once a CA got a evaluation and a licence,
there's no rule to reject this licence? What does this exactly mean? Is
this a matter of opinion of a person? Or has that subject been ignored /
forgotten ?!
oki,
Steffen
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
