On Tue, Apr 01, 2014 at 11:27:53AM +0800, Man Ho (Certizen) wrote: > Hi All, > > In this discussion of KISA CA, it seems to conclude that KISA root > certificate should not be included in Mozilla trust list AND the > subordinate CAs should apply for inclusion themselves. On the other > hand, in the discussion regarding "Super CA", Mozilla seems to accept > inclusion of "Super CA" by saying that their subordinate CAs must apply > for inclusion of their own certificate until certain criteria are satisfied. > > It is very confusing what position Mozilla will take. Does the > subordinate CAs required to apply for inclusion themselves? It looks > like that KISA CA is by definition also a "Super CA", isn't it?
It looks to me that after repeated request for more information, KISA has failed to meet the requirements as discussed in the Super CA thread, and so the LCAs should apply themself. Kurt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
