Re: Question about BR audit

2014-03-04 Thread Henri Sivonen
On Mon, Mar 3, 2014 at 8:33 PM, Kathleen Wilson kwil...@mozilla.com wrote: New CAs are frequently not members of the CA/Browser Forum, I guess that's reasonable. so they tend to find out about the Baseline Requirements audit when they apply for inclusion. The idea that an organization wants

Seeking guidance on proceeding with KISA root inclusion request

2014-03-04 Thread Kathleen Wilson
All, I will appreciate your input on how to proceed with the KISA root inclusion request. My personal preference is to proceed with the process to approve/include the KISA root under the condition that Mozilla would constrain the CA hierarchy to *.kr. However, KISA does not want to

Re: Question about BR audit

2014-03-04 Thread Kathleen Wilson
On 3/4/14, 8:00 AM, Rich Smith wrote: On Mon, Mar 3, 2014 at 8:33 PM, Kathleen Wilson wrote: For those CA who have done the compliance with the Baseline Requirements for the first time, will your root certificate program accept a point-in-time readiness assessment audit against the WebTrust

Re: Seeking guidance on proceeding with KISA root inclusion request

2014-03-04 Thread Kurt Roeckx
So I understand: - KISA itself operates the South Korean government CA - There are other CAs in Korea (LCAs), and they are private organizations that are audited and signed by KISA. - Those LCAs are not audited to comply with the baseline requirements, or it's at least not clear they are. I see

Re: Seeking guidance on proceeding with KISA root inclusion request

2014-03-04 Thread David E. Ross
On 3/4/2014 11:38 AM, Kathleen Wilson wrote: All, I will appreciate your input on how to proceed with the KISA root inclusion request. My personal preference is to proceed with the process to approve/include the KISA root under the condition that Mozilla would constrain the CA

Re: DigiCert Request to Include Renewed Roots

2014-03-04 Thread Kathleen Wilson
On 1/28/14, 4:25 PM, Kathleen Wilson wrote: DigiCert has applied to include 5 new root certificates that will eventually replace the 3 DigiCert root certificates that were included in NSS via bug #364568. The request is to turn on all 3 trust bits and enable EV for all of the new root certs. 1)

Re: Seeking guidance on proceeding with KISA root inclusion request

2014-03-04 Thread Eddy Nigg
On 03/04/2014 09:38 PM, From Kathleen Wilson: My personal preference is to proceed with the process to approve/include the KISA root under the condition that Mozilla would constrain the CA hierarchy to *.kr. However, KISA does not want to constrain their CA hierarchy to *.kr. I have also

Re: Seeking guidance on proceeding with KISA root inclusion request

2014-03-04 Thread Kathleen Wilson
On 3/4/14, 4:00 PM, moun...@paygate.net wrote: As my understanding, one of LCAs of KISA was audited by WebTrust regulations. CrossCert, they have partnership with Verisign and also they are LCA of KISA. I think, at least one of LCAs is enough to be included into Mozilla Root Repository.