Based on this discussion, Mozilla is denying the ComSign Global Root CA inclusion request. I'd like to thank everyone for your constructive input into the discussion, and I'd like to thank ComSign for their patience and work to address issues as they have been discovered.
ComSign may submit a newly generated root and key-pair for inclusion, and this submission can be made using the existing bug ( https://bugzilla.mozilla.org/show_bug.cgi?id=675060) For now, I am moving this request to an on-hold status. Mozilla will require updated documentation, and that documentation will need to be verified. This request will effectively need to go through the entire process again, but may do so more quickly if ComSign's new submission addresses all the issues that have already been identified. - Wayne On Mon, Feb 19, 2018 at 4:09 AM, YairE via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > Dear Wayne, > What is the decision on our matter? > Can we start the new Root process (new Certificate with new KeyPair and > the new CA software) and proceed the inclusion from this point later? > Our next steps will be to create all the above and disclose all the needed > audits as required by Mozilla and the BR. > > Looking forward to your reply. > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy