Re: Question: BR requirement about structuring CPS according to RFC 3647

2015-11-02 Thread mycho100
2015년 10월 29일 목요일 오전 4시 26분 21초 UTC+9, Ryan Sleevi 님의 말: > On Wed, October 28, 2015 1:55 am, mycho...@gmail.com wrote: > > > > Dear Sleevi > > > > First of all, I appreciate your detailed opinios and suggestions > > > > In terms of option B (application to only be for that of your SSL/website >

RE: Question: BR requirement about structuring CPS according to RFC 3647

2015-10-28 Thread Ben Wilson
Of Dimitris Zacharopoulos Sent: Wednesday, October 28, 2015 3:28 AM To: dev-security-policy@lists.mozilla.org Subject: Re: Question: BR requirement about structuring CPS according to RFC 3647 On 27/10/2015 8:55 πμ, mycho...@gmail.com wrote: > Korea has e-signature Act, Decree and Ordinance

Re: Question: BR requirement about structuring CPS according to RFC 3647

2015-10-28 Thread Ryan Sleevi
On Wed, October 28, 2015 1:55 am, mycho...@gmail.com wrote: > > Dear Sleevi > > First of all, I appreciate your detailed opinios and suggestions > > In terms of option B (application to only be for that of your SSL/website > CA rather than your root CA) > All CAs in CA hierarchy (including

Re: Question: BR requirement about structuring CPS according to RFC 3647

2015-10-27 Thread mycho100
Korea has e-signature Act, Decree and Ordinance. E-Signature act also contains several administration rules and one of administration rules is a ‘guideline for CPS’. Root CA/Sub-CAs controlled by government has to follow the 'guideline for CPS' when build or revise its CPS. So, structure of

Re: Question: BR requirement about structuring CPS according to RFC 3647

2015-10-27 Thread mycho100
Actually, I have been communicating with Kathleen about this issue. For your comments, two separate CAs (for user certificate and for SSL) are existed. Actually, e-Signature law doesn't mention of SSL directly. However, Root CA is controlled by government directly and government is likely to

Re: Question: BR requirement about structuring CPS according to RFC 3647

2015-10-22 Thread Richard Barnes
On Thu, Oct 22, 2015 at 1:42 PM, Kathleen Wilson wrote: > All, > > In section 2.2 of version 1.3 of the CA/Browser Forum's Baseline > Requirements, it says: > > "The disclosures MUST include all the material required by RFC 2527 or RFC > 3647, and MUST be structured in

Re: Question: BR requirement about structuring CPS according to RFC 3647

2015-10-22 Thread Moudrick M. Dadashov
eIDAS is becoming the only common Law on e-signatures (for the EU) and I'm not aware of any regulation on mandatory CP/CPS structures. Thanks, M.D. On 10/22/2015 8:56 PM, Richard Barnes wrote: On Thu, Oct 22, 2015 at 1:42 PM, Kathleen Wilson wrote: All, In section