My take on this is, the policy should be carefully examined before it is decided, it's not something to do in a hurry just because there are a couple CAs that are shouting that they want to be included right away. It may well be that the right policy requires some work to actually implement.
I kind of agree with Franks statement about security issues relating to mozilla Vs this one, surely they are directly related a lot more to MF liability then any CA issue, as the CA themselves should be liable not the MF for any poor judgment of certificates issued.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
