Re: Guang Dong Certificate Authority (GDCA) root inclusion request

[wangsn1206]

在 2016年10月30日星期日 UTC+8下午9:13:32，Gervase Markham写道：
> On 29/10/16 22:23, Han Yuwei wrote:
> > Is SM2 acceptable in publicy-trusted CAs? I don't think so.
> 
> No; the BRs list the permitted algorithms, and SM2 is not one of them.
> 
> > Maybe Gerv could explain more about this. And I am wondering what can
> > CA do if government requirement conflicts with Mozilla's policy?
> 
> It may well be a government requirement that Chinese CAs be able to
> issue SM2 certificates. However, no-one has yet demonstrated that it's a
> requirement that they do so from specific roots (i.e. the ones trusted
> by the major root stores).
> 
> Gerv
We know that SM2 is not a permitted algorithm in BRs list. And we only apply 
for GDCA TrustAUTH R5 ROOT to be included this time.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy