On 3/24/21 5:32 AM, Rob Stradling wrote:
On 9th July 2019, Kathleen wrote:
I propose that to handle this situation, the CA may enter the
subordinate CA's current audit statements and use the Public Comment
field to indicate that the new certificate will be included in the next
audit statements.
Hi Kathleen. CCADB now automatically shows the following message (when
relevant) in red text at the top of each intermediate certificate page:
"This certificate was created after the audit period of the current audit
statement, so please make sure to include it in the CA's next periodic audit
statement."
Do you still expect CAs to "use the Public Comment field to indicate that the new
certificate will be included in the next audit statements"?
Or may we stop doing that now?
Thanks.
Rob, Thanks for bringing this up. I agree that it is not necessary to
use the Public Comment field to indicate that the new certificate will
be included in the next audit statements. CAs may stop doing that.
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
