or for
all CABF members to consider when creating the BRs.
-- Eric
>
> -Original Message-
> From: Rob Stradling [mailto:rob.stradl...@comodo.com]
> Sent: Monday, March 7, 2016 4:04 AM
> To: Jeremy Rowley
> Cc: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Fix
...@lists.mozilla.org
Subject: Fixing the BR scope (was Re: More SHA-1 certs)
On 04/03/16 23:41, Jeremy Rowley wrote:
> > My fix is much simpler (because the BRs have traditionally avoided
requiring reissuance of sub CAs). Require that all certs with serverauth,
anyEKU, or no EKU be covered by the BR
On 04/03/16 23:41, Jeremy Rowley wrote:
> My fix is much simpler (because the BRs have traditionally avoided requiring
reissuance of sub CAs). Require that all certs with serverauth, anyEKU, or no EKU
be covered by the BRs. CAs required to issue certs that are covered but cannot
conform
3 matches
Mail list logo