Re: Policy 2.7.1: MRSP Issue #152: Add EV Audit exception for Policy Constraints

2020-10-17 Thread Ryan Sleevi via dev-security-policy
On Sat, Oct 17, 2020 at 3:48 PM Ben Wilson wrote: > Ryan wrote: > > > If we apply this concept to the proposed language, then the requirement > for an EV audit is > > simply about whether there is any unexpired, unrevoked path to a root CA > which can issue > > EV certificates. Similarly,

Re: Policy 2.7.1: MRSP Issue #152: Add EV Audit exception for Policy Constraints

2020-10-17 Thread Ben Wilson via dev-security-policy
Ryan wrote: > If we apply this concept to the proposed language, then the requirement for an EV audit is > simply about whether there is any unexpired, unrevoked path to a root CA which can issue > EV certificates. Similarly, checking the scope for an EV audit becomes “the entire hierarchy”. >

Re: Policy 2.7.1: MRSP Issue #152: Add EV Audit exception for Policy Constraints

2020-10-17 Thread Ryan Sleevi via dev-security-policy
On Thu, Oct 15, 2020 at 4:36 PM Ben Wilson via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > This issue is presented for resolution in the next version of the Mozilla > Root Store Policy. It is related to Issue #147 >