On 5/14/14, 6:42 AM, fhw...@gmail.com wrote:
Thanks for pointing out my oversight, Rob. When I read that first paragraph I
skipped over the first word, which is an important first word!
I was a little thrown by the last sentence, "a single issuing CA". I took that
to mean root cert, but I guess they meant any intermediate within the chain?
Does anyone have insight into why Microsoft wants to do this? Without the enforcement this is just
a "you have to promise not to do this" and "okay we won't" situation. I don't
see any point in that.
By the way, these 3 new roots were included into Microsoft's program
last August.
http://social.technet.microsoft.com/wiki/contents/articles/19218.windows-and-windows-phone-8-ssl-root-certificate-program-august-2013.aspx
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy