Re: New intermediate certs and Audit Statements

On 3/24/21 5:32 AM, Rob Stradling wrote: On 9th July 2019, Kathleen wrote: I propose that to handle this situation, the CA may enter the subordinate CA's current audit statements and use the Public Comment field to indicate that the new certificate will be included in the next audit

Re: New intermediate certs and Audit Statements

ent: 09 July 2019 22:50 To: mozilla-dev-security-pol...@lists.mozilla.org Subject: New intermediate certs and Audit Statements All, There is some confusion about disclosure of new intermediate certs that are issued to subordinate CAs with currently valid audit statements. Section 5.3.2 of Mozi

Re: New intermediate certs and Audit Statements

On 7/9/19 3:17 PM, Ryan Sleevi wrote: On Tue, Jul 9, 2019 at 5:50 PM Kathleen Wilson via dev-security-policy I propose that to handle this situation, the CA may enter the subordinate CA's current audit statements and use the Public Comment field to indicate that the new certificate will be

Re: New intermediate certs and Audit Statements

On Tue, Jul 9, 2019 at 5:50 PM Kathleen Wilson via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > All, > > There is some confusion about disclosure of new intermediate certs that > are issued to subordinate CAs with currently valid audit statements. > > Section 5.3.2 of

New intermediate certs and Audit Statements

All, There is some confusion about disclosure of new intermediate certs that are issued to subordinate CAs with currently valid audit statements. Section 5.3.2 of Mozilla's Root Store Policy says: "If the CA has a currently valid audit report at the time of creation of the certificate, then