g.beattie=globalsign@lists.mozilla.org] On Behalf Of
> Gervase Markham via dev-security-policy
> Sent: Thursday, July 20, 2017 10:58 AM
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Re: Validation of Domains for secure email certificates
>
> Hi Doug,
>
> On 2
On 20/07/2017 14:04, Doug Beattie wrote:
Gerv,
In general, it is common to have an S/MIME certificate for an e-mail
account that does *not* belong to the domain owner. This is especially
true if the domain is a public/shared/ISP e-mail domain and is set up to
allow some way for the e-mail
Hi Doug,
On 20/07/17 13:04, Doug Beattie wrote:
> Since there is no BR equivalent for issuance of S/MIME certificates (yet),
> this is all CAs have to go on. I was curious if you agree that all of these
> methods meet the above requirement:
As you might imagine, this question puts me in a
Gerv,
Mozilla Policy 2.5 states this:
For a certificate capable of being used for digitally signing or encrypting
email messages, the CA takes reasonable measures to verify that the entity
submitting the request controls the email account associated with the email
address referenced in
4 matches
Mail list logo