Bonjour, Le lundi 9 janvier 2017 18:02:57 UTC+1, Jeremy Rowley a écrit : > Not many websites, but all of the Belgium ID cards would end up being > revoked.
Not exactly. The "Belgium Root CAx" CA certificates issued by Cybertrust would be revoked, but since these CAs also have self-signed certificates, Belgium ID cards will still have a valid chain up to these self-signed "Belgium Root CAx" certificates. > Although Belgium is only issuing client certs, the issuing CA is not > technically constrained, meaning a BR, Network security, and standard > WebTrust audit is required. We are currently waiting for the results of the > audit report. And maybe the opinion report from a Qualified Auditor regarding the private key generation of these subordinate CAs. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
