Require CAs to publish their CPs and CPSes under one of the following Creative Commons licenses: CC-BY, CC-BY-SA or CC-BY-ND.
This is so that there is no legal impediment to their proper storage, scrutiny etc. by relying parties. Proposal: add an additional paragraph to point 17 of the Inclusion policy, as follows: CPs and CPSes must be made available to Mozilla under one of the following Creative Commons licenses: Attribution (CC-BY), Attribution-ShareAlike (CC-BY-SA) or Attribution-NoDerivs (CC-BY-ND). If none of these licenses is indicated, the fact of application is considered as permission from the CA to allow Mozilla and the public to deal with these documents, and any later versions for root certificates which are included in Mozilla's trust store, under CC-BY-ND. (We would add links to the relevant license terms where each is mentioned.) This is: https://github.com/mozilla/pkipolicy/issues/12 ------- This is a proposed update to Mozilla's root store policy for version 2.4. Please keep discussion in this group rather than on Github. Silence is consent. Policy 2.3 (current version): https://github.com/mozilla/pkipolicy/blob/2.3/rootstore/policy.md Update process: https://wiki.mozilla.org/CA:CertPolicyUpdates _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
