AW: DFN-Verein: CPS/CP link in CCADB not in English

2020-03-20 Thread Arnold Essing via dev-security-policy 
It was our assessment when adding data to CCADB, that Mozilla would be 
interested in the authoritative documents in CCADB and requires English 
(non-authoritative) translations to be readily available (“provided”) on our 
websites and upon request. 

The CCADB-policy states in chapter 5, that URLs for CP and CPS shall be added 
to CCADB. Several paragraphs below, it is stated that “CAs must provide English 
versions of any Certificate Policy, Certification Practice Statement…” which 
does not specify exactly how these English versions shall be provided. English 
translations have been provided on the webpages at the location stated in 
DFN-PKI’s CP, chapter 2.2 (Publication of Certification Information) for 
several years. 

Therefor we are also of the opinion that we did not violate the CCADB policy. 
Because the English language versions benefit the community, the links were 
changed in the CCADB on March 19, 2020.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

AW: DFN-Verein: CPS/CP link in CCADB not in English

2020-03-19 Thread Arnold Essing via dev-security-policy 
Thanks for pointing it out. We changed the links so that they now refer to the 
English version of the CP and CPS.



-Ursprüngliche Nachricht-
Von: dev-security-policy  Im 
Auftrag von Matt Palmer via dev-security-policy
Gesendet: Donnerstag, 19. März 2020 10:56
An: mozilla-dev-security-pol...@lists.mozilla.org
Betreff: DFN-Verein: CPS/CP link in CCADB not in English

As I understand the CCADB Policy (which is included by reference in the Mozilla 
Root Store Policy), CAs are required to provide an English translation of their 
CP/CPS documents, and link to them in the CCADB.

At the time of writing, the "AllCertificateRecordsReport" CSV shows the link 
for the "DFN-Verein Certification Authority 2" CP as being 
https://www.pki.dfn.de/fileadmin/PKI/DFN-PKI_CP.pdf, which at present loads a 
non-English PDF.  Similarly, the link for that same CA's CPS is 
https://www.pki.dfn.de/fileadmin/PKI/DFN-PKI_CPS.pdf, which is also a 
non-English document.

What is the procedure for poking DFN-Verein (or their parent CA, T-TeleSec) to 
get them to provide links to suitably translated documents?

- Matt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy