Brian Smith filed two issues on our Root Store Policy relating to making specific requirements of the technical content of certificates:
"Specify allowed PSS parameters" https://github.com/mozilla/pkipolicy/issues/37 "Specify allowed encoding of RSA PKCS#1 1.5 parameters" https://github.com/mozilla/pkipolicy/issues/38 I am not competent to assess these suggestions and the wisdom or otherwise of putting them into the policy. I also am not able to draft text for them. Can the Mozilla crypto community opine on these suggestions, and what the web compat impact might be of enforcing them? Gerv -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto