On 10/30/13 1:37 PM, Kathleen Wilson wrote:
On 10/30/13 3:35 AM, martin.kra...@atos.net wrote:
We will update the affected section in version 1.7 of our CPS to:
77 [SSL-CA]: A legal entity, represented by a device or system, which
requests a certificate is identified and authenticated for the first
time via the subject of the certificate and the registration of an
Internet Domain name:
• The legal entity is the Domain Name Registrant or has control
over the Internet Domain Names given in the certificate (can be found
for Germany with www.denic.de or international with www.iana.org).
• The legal’s entity full name or a verified tradename matches the
subject’s organization name in the certificate.
• The existence of the legal entity is evident from an excerpt from
the commercial register (certificate of registration, in Germany:
Handelsregisterauszug).
This looks reasonable to me.
Are there any other questions or comments about this request to include
the “Atos TrustedRoot 2011” root certificate and enable all three trust
bits?
If not, I will track the action item in the bug.
After I have confirmed completion of the action item, I plan to approve
this inclusion request.
Kathleen
I have confirmed completion of the action item for Atos to update their
CPS to clarify the steps taken to verify that the domain name to be
included in the certificate is owned/controlled by the certificate
subscriber.
The updated CPS is available on their website:
https://pki.atos.net/Download/AtosTrustedCACPSv1.7.pdf
Thank you to those of you who contributed to both discussions about the
request from Atos to include the “Atos TrustedRoot 2011” root
certificate and turn on all three trust bits.
The action items that resulted from the first discussion have been
completed, and the questions that were raised during this discussion
have been resolved.
I am closing this discussion, and I will recommend approval in the bug.
https://bugzilla.mozilla.org/show_bug.cgi?id=711366
Any further follow-up on this request should be added directly to the bug.
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
