Hi,
The Mozilla CA process is well documented, and perhaps streamlining a
similar process for Debian ca-certificates, modeled after Mozilla's,
might be the way to go.
I don't think we should have a separate inclusion process from Mozilla.
Mozilla has a well defined policy to include CA's.
In my opinion, the first consideration of any new CA inclusion and
subsequent update requests for ca-certificates should come from a
verifiable representative of the CA organization (outside of
additions/updates that come from Mozilla).
The Mozilla CA process is well documented, and perhaps
Package: ca-certificates
Severity: important
Hi,
Just to make this public, I believe no new CA should be accepted as long as a
proper procedure isn't defined and guaranteed to remain in place (e.g. by
automating whatever process is defined.)
Reasoning being that with the exception of
3 matches
Mail list logo
