On Wed, Feb 1, 2023 at 9:42 AM John Han (hanyuwei70) <hanyuwe...@gmail.com> wrote:
> > The CA operator is in a global region that cannot use the CCADB > <https://trust.salesforce.com/blocked>, or is not capable of entering > into a contractual agreement with a US-based > <https://www.treasury.gov/resource-center/sanctions/Programs/Pages/Programs.aspx> > company. > Is this means US government can control whether any CA is in Mozilla root > store? > I would assume if they are listed on https://sanctionssearch.ofac.treas.gov/ for example then yes, Mozilla and friends can't be doing business with them (and putting them into the root CA ... yow). I'm trying to think of a legitimate corner case where a company can't do business with a US entity legally but is still somehow trustworthy enough to be a root CA, and nothing comes to mind. -- Kurt Seifried (He/Him) k...@seifried.org -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CABqVa3-ySOgS5n1W8o6YCYCefGexCF8mmrQZK0-toTN%2BRH%2BrcQ%40mail.gmail.com.
