I've gone ahead and made this change in the 2.7 branch:
https://github.com/mozilla/pkipolicy/commit/3a70cf31cf81f5e00b62f958fe8a3b59c7cb0f34
I'll consider this issue resolved unless further comments are received.
- Wayne
On Mon, May 13, 2019 at 11:41 PM Pedro Fuentes via dev-security-policy <
Hi Wayne,
I agree with this approach, it's quite explicit but flexible at the same time.
Thanks,
Pedro
El martes, 14 de mayo de 2019, 0:49:40 (UTC+2), Wayne Thayer escribió:
> On Mon, May 13, 2019 at 7:06 AM Pedro Fuentes via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
On Mon, May 13, 2019 at 7:06 AM Pedro Fuentes via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Hi Wayne,
> inserting my comments below.
> Best,
> Pedro
>
> El viernes, 10 de mayo de 2019, 23:54:40 (UTC+2), Wayne Thayer escribió:
> > I have drafted the change as proposed,
Hi Wayne,
inserting my comments below.
Best,
Pedro
El viernes, 10 de mayo de 2019, 23:54:40 (UTC+2), Wayne Thayer escribió:
> I have drafted the change as proposed, moving the exact "Required Practice"
> language into section 3.3 of the policy:
>
I have drafted the change as proposed, moving the exact "Required Practice"
language into section 3.3 of the policy:
https://github.com/mozilla/pkipolicy/commit/803ec1a1414318a69491854a867dc69889442b7b
On Sat, Apr 27, 2019 at 11:36 AM Pedro Fuentes via dev-security-policy <
Hello,
I totally agree about the need to specify this information clearly in the
documentation framework, but I personally think that it's not always adequate
to force listing the intermediate CA certificates in the CP, but definitely
this information is required to be disclosed in the CPS.
The required practice "Publicly Available CP and CPS" [1] states:
The CP/CPS must clearly indicate which root and subordinate certificates
> the practices and processes described in those documents apply to.
This can be done in (at least) two ways:
* the policy document can unambiguously list
7 matches
Mail list logo
