Dear Inigo, On 14/09/17 09:49, Gervase Markham wrote: > The Mozilla CA Certificates team has been considering what the > appropriate next steps are for the inclusion request from the CA > "StartCom".[0] As readers will know, this CA has previously been removed > from trust[1], and so a re-application obviously involves particular > scrutiny. In addition, several questions have been raised about the way > in which the new StartCom PKI has been operated technically[2]. This is > a proposal for the way forward, on which comments are invited.
A month ago we posted the above re: StartCom, in what was officially a request for comments. The ensuing discussion did not lead us to conclude that anything we were asking for was inappropriate. So we want to formally confirm that it is indeed Mozilla's requirement that StartCom begin again with a new-new hierarchy and do the other things outlined in the original post before we will further consider a root inclusion request from StartCom. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy