On 10/19/15 4:34 PM, Kathleen Wilson wrote:
Therefore, I also propose that we don't separate out the audit criteria
according to trust bit in version 2.3 of the policy. Rather, the
separation will be part of another effort to create a separate S/MIME
policy in 2016.
This means that the
On 9/21/15 7:07 PM, Kathleen Wilson wrote:
In https://wiki.mozilla.org/CA:CertificatePolicyV2.3
The proposal is:
(D27) Clarify which audit criteria are required depending on which trust
bits are set. In particular, root certs with only the S/MIME trust bit
set will have different audit
On 08/10/15 09:56, Gervase Markham wrote:
> A major CA was kind enough to share their numbers with me. They said:
>
> "We issued 275,000 client/smime certificates in the last year as soft
> certificates – i.e. not on smart-cards/tokens.
And another one (not a root CA, but a sub-CA of a root in
On 22/09/15 05:07, Kathleen Wilson wrote:
> First, we need to determine if the Email trust bit should remain part of
> Mozilla's CA Certificate Policy.
One perhaps somewhat relevant piece of information in this discussion is
whether anyone is using S/MIME. After all, if no-one is using it,
On 9/22/15 11:37 AM, R Kent James wrote:
On 9/21/2015 7:07 PM, Kathleen Wilson wrote:
As we did with the discussion about the code signing trust bit, let's
list the arguments for and against removing references to the Email
trust bit from Mozilla's CA Certificate Policy.
The main comment that
On Mon, Sep 21, 2015 at 07:07:07PM -0700, Kathleen Wilson wrote:
>
> First, we need to determine if the Email trust bit should remain part of
> Mozilla's CA Certificate Policy.
I'm really concerned about this. S/MIME and PGP are the only
(popular) ways to do encryption over email. The
On Tue, Sep 22, 2015 at 4:47 AM, Brian Smith wrote:
> Kathleen Wilson wrote:
>
> > Arguments for removing the Email trust bit:
> > - Mozilla's policies regarding Email certificates are not currently
> > sufficient.
> > - What else?
> >
> >
> * It isn't
Kathleen Wilson wrote:
> Arguments for removing the Email trust bit:
> - Mozilla's policies regarding Email certificates are not currently
> sufficient.
> - What else?
>
>
* It isn't clear that S/MIME using certificates from publicly-trusted CAs
is a model of email security
8 matches
Mail list logo