On 09/05/17 18:25, Doug Beattie wrote: > I'm not clear on what you mean by CAs must use only the 10 Blessed Methods by > 21st July 2017. > > I'm assuming this is the latest official draft: > > https://github.com/mozilla/pkipolicy/blob/master/rootstore/policy.md
Yes :-) > Specifically, does this mean all new domain validations must conform to the > 10 methods, > or that all new issuance > must be based on domains validated with only these 10 methods? It means that all new validations must be done using one of the 10 methods. The rules for information reuse will, I hope, be clarified in an upcoming ballot in the CAB Forum. Assuming that ballot doesn't say anything ridiculous, Mozilla will allow reuse according to those rules. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy