Re: Audits of CA conformance to the BRs

Kathleen Wilson Thu, 21 Aug 2014 09:32:30 -0700

On 8/20/14, 5:57 PM, Ryan Sleevi wrote:

  Regarding Whole-Population BR Audit of Intermediate Certs, since the BRs
  are for SSL certs, this should probably only apply to intermediate certs
  that are capable of issuing SSL certs.


Agreed, which will require a definition of capability. This was discussed
during the Mountain View F2F in the Forum though, and roughly aligns with
"Anything browsers recognize as SSL capable" (something Mozilla's policy
already explores)



Updated
https://wiki.mozilla.org/CA:BaselineRequirements#Whole-Population_Audit_of_Intermediate_Certs
to "intermediate certificates that are capable of issuing SSL certs."


  Regarding auditing for things in RFC 5280...



Added: https://wiki.mozilla.org/CA:BaselineRequirements#RFC_5280

It includes the information you provided.

Thanks,
Kathleen

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audits of CA conformance to the BRs

Reply via email to