RE: xmlsec / ECDSA problem

It's still permitted in the policy. https://www.mozilla.org/en-US/about/governance/policies/security-group/certs /policy/#inclusion Section 8. -Original Message- From: dev-tech-crypto [mailto:dev-tech-crypto-bounces+jeremy.rowley=digicert@lists.mozilla.org ] On Behalf Of Martin

Curves

I'd like to start using EdDSA curves for customers (and push for HSM support). This would be much easier if there weren't so many policies (that pre-date development of the curves) preventing actual use of the tech. Any thoughts on when/if the policy will change? Jeremy smime.p7s

RE: New wiki page on certificate revocation plans

This is great. Thanks Richard! For OneCRL and the EE certs, establishing parameters around when an EE is eligible for inclusion would give guidance to CAs about when to report revocations. Is the OneCRL intended for when the cert is compromised because of a breach of the CA? Or can high