RE: DigiCert-Symantec Announcement

2017-08-20 Thread Jeremy Rowley via dev-security-policy
Hi everyone, We’re still progressing towards close and transition. One of the items we are heavily evaluating is the root structure and cross-signings post close. Although the plan is still being finalized, I wanted to provide a community update on the current proposal. Right now,

Re: BR compliance of legacy certs at root inclusion time

2017-08-20 Thread Ryan Sleevi via dev-security-policy
On Sun, Aug 20, 2017 at 3:44 PM, Peter Bowen wrote: > From the perspective of being "clean" from a given NSS version this, > makes sense. However the reality for most situations is there is > demand to support applications and devices with trust stores that have > not been

Re: BR compliance of legacy certs at root inclusion time

2017-08-20 Thread Peter Bowen via dev-security-policy
On Fri, Aug 18, 2017 at 8:47 AM, Ryan Sleevi via dev-security-policy wrote: > On Fri, Aug 18, 2017 at 11:02 AM, Gervase Markham via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > >> Sometimes, CAs apply for inclusion with new, clean