Frank Hecker wrote: > Kathleen Wilson and I have been discussing how to re-start the > evaluation process for T-Systems. If you recall, that request (bug > 378882) got bogged down in a discussion of how to deal with situations > where the root CA doesn't actually issue end entity certificates and the > root CA's CPS doesn't address issuance of EE certs, but instead all the > EE certs are issued by third-party subordinates.
Out of curiousity... How many (if any) such CAs are currently included in NSS? It seems a little scary to be providing a way for these 3rd party CAs to become operational in Mozilla products without going through the Mozilla approval process. It seems like a different degree or trust. Justin _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto