Ian G wrote re creating new root certificates annually for CAs issuing
qualified certificates:
It is most likely in the regulations that are created by the regulating
agency; that is the way these things work. I think that is the
telecommunications regulator. Likely, these things are not translated
into English. (The simplification of "law" is often meant to include
these things.)
I suspect you are right about this. (I couldn't find anything about this
practice in EU documents I found.)
If you really wanted to do see it, the thing to do would
be to ask for the specific regulations, and get them translated.
That's a good idea, I'll do that. I'd like to get a definitive answer on
this question, since I know I've seen this practice with other CAs,
including I think at least one not in Germany.
Frank
--
Frank Hecker
hec...@mozillafoundation.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto