* Kurt Roeckx: > But it's unclear if this is really a policy or just what some > people think should happen.
If we do this, it should not just apply to end-entity certificates, but also to intermediate certificates (but not the self-signature of root certificates). Obviously, that's rather unlikely to happen because of the number of long-term intermediate certificates which cannot be re-issued under current policies. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy