> First, the cryptography license license is mandatory only for CAs (organizations who operate PKI facilities);
You are operating a CRL & OCSP server in China, right? > Secondly, There are many sole proprietorship (self-employed people) are also selling SSL digital certificates and running their own websites, which is totally unable to enroll ICP Registration License. Just because someone else is doing the same thing doesn't mean it's not illegal. > your post is completely weering off topic. I'm concerned with SSL.com CP/CPS 5.3.1. It claims "SSL.com verifies the identity and trustworthiness of all personnel, whether as an employee, agent, or an independent contractor, prior to the engagement of such person(s)." If an independent contractor operates illegally in his/her country, how can he/she be considered trustworthy? -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/56142ad0-44e1-49e0-af79-b85ab3ce9696n%40mozilla.org.