On 12/14/15 17:56, Eli Spitzer wrote: > The SubCA "Comsign Ev SSL CA" is at its initial development stages. It was > indeed created under "Comsign Global Root CA", but so far we only issued a > handful of test certificates from it. We have no plans to issue public > certificates from it at the moment, since the EV trust bit will not be active > any time soon.
Mozilla's policy requires subCAs to be publicly disclosed "before any [] subordinate CA is allowed to issue certificates." How was this performed for this subCA? > > censys.io probably picked up the certificate from a test website that is used > only for development purposes. > > Comsign is not requesting the EV trust bit at the moment, but we are planning > to so sometime in the near future. Probably not before the end of 2016. > > Eli Spitzer | Information security & System Management | Comda > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
