This change is made in the 2.6 branch: https://github.com/mozilla/pkipolicy/commit/42ebde18794bc1690885bfdd4e3fb12e7c2c832b
We'll need to discuss a deadline for the CPS updates to be published. - Wayne On Mon, Mar 26, 2018 at 12:59 PM, Tim Hollebeek <tim.holleb...@digicert.com> wrote: > I like this one. > > It will be very useful as a starting point if we finally get a CABF S/MIME > working > group, which is likely to happen. > > -Tim > > > -----Original Message----- > > From: dev-security-policy [mailto:dev-security-policy- > > bounces+tim.hollebeek=digicert....@lists.mozilla.org] On Behalf Of Wayne > > Thayer via dev-security-policy > > Sent: Monday, March 26, 2018 2:50 PM > > To: mozilla-dev-security-policy > <mozilla-dev-security-pol...@lists.mozilla.org> > > Subject: Policy 2.6 Proposal: Require disclosure of S/MIME validation > practices > > > > Mozilla policy section 2.2(2) requires validation of email addresses for > S/MIME > > certificates, but doesn't require disclosure of these practices as it > does > for TLS > > certificates. > > > > I propose adding the following language from 2.2 (3) (TLS) to 2.2(2) > > (S/MIME): > > > > The CA's CP/CPS must clearly specify the procedure(s) that the CA employs > to > > perform this verification. > > > > This is: https://github.com/mozilla/pkipolicy/issues/114 > > > > ------- > > > > This is a proposed update to Mozilla's root store policy for version 2.6. > Please > > keep discussion in this group rather than on GitHub. Silence is consent. > > > > Policy 2.5 (current version): > > https://github.com/mozilla/pkipolicy/blob/2.5/rootstore/policy.md > > _______________________________________________ > > dev-security-policy mailing list > > dev-security-policy@lists.mozilla.org > > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy