Github issue:https://github.com/mozilla/pkipolicy/issues/42
My opinions: It's good to restrict government CAs to certain TLDs for reasons below 1. government CA is intented to provide domestic assurance of IDs and services for government's websites. 2. If we assume every government is "evil", we can limit its consequences in the corresponding ccTLD. 3. Make government CA dedicated for their people. But there's also questions: 1.Policital Problems Due to the word "country", there MUST be lots of policital problems. In a word, what we should do about ".tw"? (I am Chinese.) 2.Definition about "government CA" Who can represent the government? NIC could be private (or not? I am not sure). _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy