On Thu, Dec 19, 2019 at 3:59 PM Jeremy Rowley <jeremy.row...@digicert.com> wrote:
> Should anything be mentioned about the allowed algorithms? That's the > largest change to the policy and confirming the AlgorithmIdentifiers in > each case may take some time. > > I'd argue that this is a clarification rather than a change, and depending on the CA, confirming compliance with the updates in section 5.1 may not take as long as the CPS updates. I'm not strongly opposed to calling this out but I'd argue that it's hard to miss when reviewing all of the updates as required by question #1. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy