server certificate OCSP status inside TLS handshake

2007-11-19 Thread Jean-Marc Desperrier
I just found out about MoFO funding OCSP stapling support for mod_ssl: http://issues.apache.org/bugzilla/show_bug.cgi?id=43822 In other words, Apache/mod_ssl web servers will be able to include an OCSP token inside TLS HELLO responses. That will permit the client to validate the server

Re: server certificate OCSP status inside TLS handshake

2007-11-19 Thread Jean-Marc Desperrier
Jean-Marc Desperrier wrote: [...] I assume this means the client support has been included in NSS. Since which version? Will this be only for Fx 3, or is it already included in some version of Fx 2? I should read http://wiki.mozilla.org/NSS:Roadmap more often. As it's planned in NSS

Re: SwissSign root CA certificate inclusion request

2007-11-19 Thread Eddy Nigg (StartCom Ltd.)
I've been reading most relevant CP/CPS published at http://repository.swisssign.com/ and currently have a question concerning domain ownership validation (or relevant authorization rights) of the Gold and Silver server certificates issued by SwissSign which would satisfy the Mozilla CA policy

Re: SwissSign root CA certificate inclusion request

2007-11-19 Thread Eddy Nigg (StartCom Ltd.)
Frank Hecker wrote: Eddy Nigg (StartCom Ltd.) wrote: Section 3.2.2 of the Gold CPS includes the following: /DC= fields will only be accepted if a printout of the WHOIS entry for the domain is included. The owner of the domain must approve the request with a handwritten personal signature

Re: SwissSign root CA certificate inclusion request

2007-11-19 Thread Nelson Bolyard
Frank, A policy question (or policy administration question): Does Mozilla accept documents, *received from the applicants* (the CAs), that purport to be true copies of auditor's attestation documents, as being true copies of such documents, without any further proof? That question applies to

Re: SwissSign root CA certificate inclusion request

2007-11-19 Thread Nelson Bolyard
Eddy Nigg (StartCom Ltd.) wrote: Frank Hecker wrote: If you have further questions please feel free to ask them in the bug; I think Melanie Raemy of SwissSign is following the bug traffic but not the newsgroup discussion. Obviously I don't want to bother at the bug if unnecessary...so I