Re: Policy 2.5 Proposal: Incorporate Root Transfer Policy

2017-05-09 Thread Gervase Markham via dev-security-policy
On 01/05/17 10:02, Gervase Markham wrote: > Here is a diff of the proposed changes: > https://github.com/mozilla/pkipolicy/compare/issue-57 Incorporated. Gerv ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org

Re: Policy 2.5 Proposal: Incorporate Root Transfer Policy

2017-05-02 Thread Gervase Markham via dev-security-policy
On 02/05/17 03:10, Peter Kurrasch wrote: > Your updates look good! One small quibble: The bottom of the Physical > Relocation section mentions the code signing trust bit, but I think that > is irrelevant now? I see that on https://wiki.mozilla.org/CA:RootTransferPolicy , but that's the document

Re: Policy 2.5 Proposal: Incorporate Root Transfer Policy

2017-05-01 Thread Peter Kurrasch via dev-security-policy
Hi Gerv,Your updates look good! One small quibble: The bottom of the Physical Relocation section mentions the code signing trust bit, but I think that is irrelevant now?Would you feel comfortable mandating that,

Policy 2.5 Proposal: Incorporate Root Transfer Policy

2017-05-01 Thread Gervase Markham via dev-security-policy
Mozilla has a Root Transfer Policy which sets out our expectations regarding how roots are transferred between organizations, or what happens when one company buys another, based on a recognition that trust is not always transferable. https://wiki.mozilla.org/CA:RootTransferPolicy It has been