Re: Summary of Camerfirma's Compliance Issues

2021-01-19 18:01 GMT+01:00 Andrew Ayer via dev-security-policy : > It's troubling that even at this stage, Camerfirma still doesn't seem > to grasp the seriousness of their compliance problems. Today, > they are arguing that there was no security threat from a certificate > issued for a domain

Policy 2.7.1: MRSP Issue #139: Audits required even if not issuing

I've updated this subject line for consistency with the other issues. On Tue, Oct 6, 2020 at 2:31 PM Ben Wilson wrote: > Here is the first issue for discussion here on the m.d.s.p. list relative > to the next version of the Mozilla Root Store Policy (v.2.7.1). > > #139

Policy 2.7.1: MRSP Issue #147 - Require EV audits for certificates capable of issuing EV certificates

I've updated the subject line for this thread so that it is consistent with the other issues. Also, as an update to what we are considering to address this issue, we are looking at pointing to existing language here: https://wiki.mozilla.org/CA/EV_Processing_for_CAs#EV_TLS_Capable. On Thu, Nov