On 4/23/15 4:21 PM, Kathleen Wilson wrote:
All,
It has been brought to my attention that we do not have a documented
procedure or policy about how to transfer a root certificate from one CA
to another.
Do we need to add expectations about root cert transfers to Mozilla's CA
Certificate Policy?
I think, at the minimum, we should add information about our
expectations to one of our process wiki pages, or maybe this needs its
own wiki page?
Thanks to all of you who have contributed to this discussion so far. You
have given me a lot to think about, so it will take me a bit longer to
respond with a proposal.
I am currently thinking that we should have a separate wiki page about
this topic. The page should outline the different ways the ownership of
a root certificate may change, and our expectations.
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
