On 09/06/17 16:37, Jakob Bohm wrote: > This seems to directly violate the often proposed (but apparently not > yet enacted) rule that different root certs must have different keys > (if that rule has been incorporated into a current policy).
This has come up enough times now that I've filed an issue for it: https://github.com/mozilla/pkipolicy/issues/88 People with opinions on one side or the other should feel free to add comments. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy