In accordance with the schedule at https://wiki.mozilla.org/CA:Schedule
I am now opening the first public discussion period for a request from Microtec Ltd to add the Microsec e-Szigno Root CA root certificate to Mozilla. This is bug 370505, and Kathleen has produced an information document attached to the bug. https://bugzilla.mozilla.org/show_bug.cgi?id=370505 There's a summary of the information also available at http://www.mozilla.org/projects/security/certs/pending/#Microsec Some points worth mentioning about this request: * This CA is based in Hungary. Though it provides a lot of information in English (including a helpful CA hierarchy diagram) unfortunately all of its CPS documents are currently available in Hungarian only. Microsec has provided translations of the relevant sections in the bug comments, as well as other background information. I've asked András Tímár [1] of the Hungarian localization team to double-check the translations; for now I'm assuming the translations are accurate absent any information to the contrary. * Though a commercial CA, Microsec is audited by an agency of the Hungarian government. (This appears to be a fairly common practice in Europe, especially for CAs issuing so-called "qualified" certificates, as Microsec does.) The audit is against ETSI TS 101 456 and 102 042 and is annual. Kathleen has verified the relevant information with a government representative. * Microsec has a separate root used for OCSP, and apparently does not offer OCSP as a general public service; please see the comments in the bug. I'd like those of you who are OCSP experts to look at this issue and tell us if you see any potential problems there. This first public comment period will be for one week, and then I'll make a preliminary determination regarding this request. Frank [1] Fun fact: Within Hungary names are normally given in "Eastern order" (i.e., like China or Japan) with surname first. In this case I've transposed to Western order (I think). -- Frank Hecker [EMAIL PROTECTED] _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
