Perhaps this is somewhat premature, but I nevertheless would like to
suggest a path for implementation and practical steps for implementation
of the multi-level proposal we put forward. Actually what I want to
know, how this could and would be implemented and here are my thoughts:
- Once and if Mozilla comes to a decision concerning our proposal, the
first step would be most likely to extend the Mozilla CA policy as a new
draft.
- The new Mozilla CA policy draft would be open for review and
discussion for a certain period (Guess this is how it is done??).
- The policy would take effect after this period (Pending some vote or
something??).
- Support for the OID detection would be implemented in the NSS library.
- At this stage I would suggest to implement a small text field in the
certificate viewer which would show the level assigned to the
certificate if it's found. This text field would be only visible, if a
special flag in the config is turned on (by default off). This would be
mostly used by CAs and developers (UI?) to start the implementation of
the OID and testing of it by all sides.
- Last step, the UI implementation of the indicators (whatever that means).
Is this the way things would be done at Mozilla for the implementation
of this proposal?
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Phone: +1.213.341.0390
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security