On Tue, Mar 6, 2018 at 4:45 AM, ramirommunoz--- via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> > 1 * The inclusion request references a much older CPS [3] that doesn't > list the 2016 versions of these roots or comply with current policies. I > only reviewed the newer CPS [5], but this CPS (section 1.2.1) doesn't cover > the older roots that are currently included. I believe this is a compliance > issue with the currently included AC Camerfirma roots. > > RMM -> EIDAS regulation has been an important milestone that took us to > consider to setup a new hierarchy (2016) and writing a new CPS apart from > the other hierarchies and CPS, even more when our final target is to > distribute certificates only from the 2016 hierarchy. > This request to incorporate the new 2016 roots affects only to eIDAS CPS > (1.2.1). However, the CPS –no eIDAS (3.2.7) are still valid for the > hierarchies (2003 and 2008). > > Roots from the older hierarchies are currently included in the Mozilla CA program, but the CPS that applies to these roots does not comply with Mozilla policy (it hasn't been revised since 2015) - is that correct? If so, how and when do you intend to correct the problem? - Wayne _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
