On Thursday, September 6, 2018 at 7:44:15 PM UTC-4, Wayne Thayer wrote: > All, > > I've drafted a new email and survey that I hope to send to all CAs in the > Mozilla program next week. it focuses on compliance with the new (2.6.1) > version of our Root Store Policy. I would appreciate your feedback on the > draft: > > https://ccadb-public.secure.force.com/mozillacommunications/CACommunicationSurveySample?CACommunicationId=a051J00003rMGLL > <https://ccadb-public.secure.force.com/mozillacommunications/CACommunicationSurveySample?CACommunicationId=a051J00003mogw7> > > Thanks, > > Wayne
With regard to the actions. ACTION 6 - Can we select CA certificates which we do not want pre-loaded? In some cases the CA certificate is no longer used and does not need pre-loading. ACTION 7 - Although we support the Chrome CT requirement, we do have a process to allow customers to choose not to CT log their certain SSL certificates. We do not redact names, but I suppose we allow a customer to redact certificates. As such, I don't think the responses listed in action 7 covers this model. Thanks, Bruce. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
