Hi Ryan, On 10/04/17 17:03, Ryan Sleevi wrote: > 2) You stated that "browsers didn't process certificate policy extensions > content during path building". This fails to clarify whether you believe it > was a Baseline Requirements violation, which makes no such statements > regarding policy building. Further, no such browser has, except for EV, > made use of any policy IDs beyond path building.
Can you clarify: are you asking if Steve believes that the BRs require _browsers_ to do such processing of certificate policy extensions? Or are you asking him if he believes that including such extensions in the cross-cert was a BR violation? Or if he believes that cross-certifying into a hierarchy which relies upon such extensions is a BR violation? Or something else? :-) Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy