Re: Discussion about restricting government roots to that country's TLD(s)
On 30/11/16 23:25, Han Yuwei wrote: > Github issue:https://github.com/mozilla/pkipolicy/issues/42 That issue is not currently targetted for 2.4. In the message titled "Mozilla Root Store Policy 2.4: goals and process", I said: > If you think any of them should be targetted at 2.4, please make the > case in the thread attached to this message. Remember to explain how > the change is either "urgent" or "relatively uncontroversial and > self-contained". Before we discuss this topic, you need to make that case. Otherwise, I would ask that we not discuss it right now. Gerv ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Discussion about restricting government roots to that country's TLD(s)
Github issue:https://github.com/mozilla/pkipolicy/issues/42 My opinions: It's good to restrict government CAs to certain TLDs for reasons below 1. government CA is intented to provide domestic assurance of IDs and services for government's websites. 2. If we assume every government is "evil", we can limit its consequences in the corresponding ccTLD. 3. Make government CA dedicated for their people. But there's also questions: 1.Policital Problems Due to the word "country", there MUST be lots of policital problems. In a word, what we should do about ".tw"? (I am Chinese.) 2.Definition about "government CA" Who can represent the government? NIC could be private (or not? I am not sure). ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy