Re: Remove old StartCom root certs from NSS

I have filed Bug #1392849 to remove the old StartCom root certificates. This will likely happen in the October batch of root changes. Kathleen ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org

Re: BR compliance of legacy certs at root inclusion time

On Tue, Aug 22, 2017 at 12:01 PM, Gervase Markham via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On 21/08/17 06:20, Peter Kurrasch wrote: > > The CA should decide what makes the most sense for their particular > > situation, but I think they‎ should be able to provide

Re: BR compliance of legacy certs at root inclusion time

On 21/08/17 06:20, Peter Kurrasch wrote: > The CA should decide what makes the most sense for their particular > situation, but I think they‎ should be able to provide assurances that > only BR-compliant certs will ever chain to any roots they submit to the > Mozilla root inclusion program. So