On 11/19/15 23:09, Kathleen Wilson wrote: > By the time version 2.3 of Mozilla’s CA Cert Policy is published, I hope to > have > issued a CA Community License to every included CA. Taking that into > consideration; I propose changing the policy as follows. > [snip] > > As always, I will appreciate your thoughtful and constructive input about this > proposal.
Shouldn't there also be something in the policy about when and how CAs should provide updated annual public attestation statements for the subCAs? (I assume the 30 days from the updated audit being available to the CA in the Maintainence Policy is appropriate for this.) _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
