Hello, the 2 CA certificates signed by Certinomis has been retained till a full successful webtrust audit.
On end of June the audit report form PwC was available but with still some minor issues. I asked StartCom to correct them. On July 14th the audit report and the policy were updated and published on StartCom website. The first of August I received the agreement from my management to send the CA certificates to StartCom. So I disclose them in the CCADB, with the corresponding policy documents and audit reports before sending them to Inigo. So StartCom was not able to use the path our Root before yesterday. If there are some previous issued TLS certificates that does not comply with BR, then theses TLS certificates has to be revoked. Best regards Franck Leroy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy