Given that no other concerns have been raised, I consider this request to have been "resolved with a positive conclusion" as required by Mozilla policy section 8.1.
Arnold: please update the information in CCADB (or ask Kathleen if you are unable) when this change takes effect. - Wayne On Wed, Apr 29, 2020 at 11:56 AM Wayne Thayer <wtha...@gmail.com> wrote: > Thank you for making this announcement Arnold. This change of legal > ownership is covered by section 8.1 of the Mozilla Root Store Policy, > including the following statement: > > If the receiving or acquiring company is new to the Mozilla root program, >> it must demonstrate compliance with the entirety of this policy and there >> MUST be a public discussion regarding their admittance to the root program, >> which Mozilla must resolve with a positive conclusion in order for the >> affected certificate(s) to remain in the root program. >> > > Technically I believe the statement above applies to this situation, so I > would like to formally begin the discussion period for this change in legal > ownership of the T-Systems CA by requesting additional thoughtful and > constructive feedback from the community. I will plan to keep the > discussion period open for a minimum of 3 weeks. > > T-Systems has already indicated that no changes to their CP/CPS are > planned aside from the company name. > > On Tue, Apr 28, 2020 at 7:18 AM Pedro Fuentes via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > >> Thanks, Arnold. >> >> Our change was more complex, so we had to go to a more cumbersome >> process, including audits of the ownership receiving party. >> >> What I guess it's required now is an explicit confirmation from Mozilla >> to say if such a direct transfer to an entity not member of the program is >> compliant with section 8.1 of the policy. >> >> > I believe that the plan described by T-Systems is compliant with Mozilla > policy. > > - Wayne > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
