I have incorporated the final changes from our policy discussions, as well as some corrections and clarifications that Kathleen and I found during our review, into the latest draft of the policy: https://github.com/mozilla/pkipolicy/compare/master...2.6 I would encourage everyone to review the changes and respond with any comments.
On Fri, May 11, 2018 at 11:11 AM Wayne Thayer <wtha...@mozilla.com> wrote: > We're concluding discussions on all of the issues identified for version > 2.6 of the policy [1]. > > You can find a complete set of changes here: > https://github.com/mozilla/pkipolicy/compare/master...2.6 > > Two of the changes [2][3] require CAs to update their CP/CPS. For many CAs > the current practice is to wait for the next required annual review > (usually coinciding with their audit) to make CP/CPS changes. Do we want to > allow that practice to continue, or set a date by which we expect CP/CPSs > to reflect the new requirements? This was previously discussed [4], with > the outcome being that we would make these decisions on a case-by-case > basis. > > > Since there were no comments on the question above, we'll continue with the status-quo: there will be no defined enforcement date for the CP/CPS changes required by the 2.6 version of our policy. CAs are expected to update their CP/CPSs within a reasonable period of time of the 2.6 effective date. I expect the 2.6 effective date to be sometime in June. > > - Wayne > > [1] > https://github.com/mozilla/pkipolicy/issues?utf8=%E2%9C%93&q=label%3A2.6+ > [2] > https://github.com/mozilla/pkipolicy/commit/e5269ff0d6ced93a6c6af65947712b8e4b2e18b8 > [3] > https://github.com/mozilla/pkipolicy/commit/42ebde18794bc1690885bfdd4e3fb12e7c2c832b > [4] > https://groups.google.com/d/msg/mozilla.dev.security.policy/PYIAoh6W6x0/TT2u4wfoBQAJ > > On Mon, Mar 19, 2018 at 10:15 PM Wayne Thayer <wtha...@mozilla.com> wrote: > >> There are 17 proposed changes in total for version 2.6 of the policy, and >> I'm about to kick off discussions on the first batch. I expect some of >> these to be straightforward while others will hopefully generate good >> dialogues. As always, everyone's constructive input is appreciated. >> >> Thanks, >> >> Wayne >> >> On Wed, Feb 21, 2018 at 9:14 AM, Wayne Thayer <wtha...@mozilla.com> >> wrote: >> >>> I've added the issue of subordinate CA transfers to the list for policy >>> version 2.6: https://github.com/mozilla/pkipolicy/issues/122 >>> >>> >> _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy