Kaspar Brand wrote: > Another 10 days have passed without any apparent sign of Mozilla's > willingness to address the case of the non-existence of an OCSP > responder for the Cybertrust SureServer EV CA.
And since CRL support was dropped in recent Firefox/Seamonkey releases there's no revocation checking mechanism for those certs at all. > Otherwise, the CA Certificate Policy is definitely > becoming nothing but a farce (cf. e.g. item 2 of the Inclusion Policy, > "a public process, based on objective and verifiable criteria"), and the > Enforcement Policy in particular will remain a paper tiger in all eternity. Is that news to you? The policy discussions here are just security theater - since years... Ciao, Michael. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy