Ian G wrote re CPSs not available in English:
Which leads to the first easy fix: insist that all non-english CAs
translate all their docs. Then I can read the CPS! I personally am
unsatisfied at that, I see flaws.
1. Frank has made the case for regional and local CAs. The web is
wide,
I've decided to make S-TRUST the next CA to enter the public discussion
period. (I need to do a little more work for KISA, T-Systems, and
Microsec, the other CAs near the top of the list.) S-TRUST is operated
by Deutscher Sparkassenverlag (DSV), which has applied to add four new
root CA
Eddy Nigg wrote re S-TRUST issuing new root certificates annually:
This is unfortunate and seems to me problematic. I'd suggest that they
create a root from which they'd issue those as intermediate. I'm almost
certain that other vendors will not include them for the same reason (so
it's not an
On 12/17/2008 12:04 AM, Frank Hecker:
Please feel free to mention this issue in the bug. However I suspect
that S-TRUST is constrained in its practices by the relevant German laws
and/or EU directives.
I'm not aware of such an EU directive (and we would have known by now
from other inclusion
On 12/17/2008 01:26 AM, Frank Hecker:
That's a good idea, I'll do that. I'd like to get a definitive answer on
this question, since I know I've seen this practice with other CAs,
including I think at least one not in Germany.
Frank, I asked about it at the bug already earlier. Once I get the
Ian G wrote re creating new root certificates annually for CAs issuing
qualified certificates:
It is most likely in the regulations that are created by the regulating
agency; that is the way these things work. I think that is the
telecommunications regulator. Likely, these things are not
On 16/12/08 23:04, Frank Hecker wrote:
Eddy Nigg wrote re S-TRUST issuing new root certificates annually:
Please feel free to mention this issue in the bug. However I suspect
that S-TRUST is constrained in its practices by the relevant German laws
and/or EU directives. Unfortunately I
Frank Hecker wrote:
I've decided to make S-TRUST the next CA to enter the public discussion
period. (I need to do a little more work for KISA, T-Systems, and
Microsec, the other CAs near the top of the list.) S-TRUST is operated
by Deutscher Sparkassenverlag (DSV), which has applied to add
On 12/17/2008 03:42 AM, Nelson B Bolyard:
Do the new certs for S-TRUST have the same key, or do they have
different keys? If they have different keys, do they also have different
subject names?
Do they have different Subject Key ID (SKID) extension values?
Do the certs they issue have Authority
9 matches
Mail list logo
