On Wed, Apr 1, 2026 at 9:11 AM Mike Shaver <[email protected]> wrote:
> On Wed, Apr 1, 2026 at 11:08 AM Nico Williams <[email protected]> > wrote: > >> I don't see how the IAB, IESG, or IETF can possibly accept the program's >> policy change > > > Why do those groups have to "accept" the change? Do they commonly review > or require changes to browser root programs (including the Microsoft and > Apple ones which are aligned with the change to clientAuth issuance from > included roots)? I've been quite involved in WebPKI discussions and I've > never previously heard about IETF or related approval being required or > even appropriate for those programs' policies. > > Are there other elements of the policies that you think should be subject > to IETF approval? > Impeccable timing. Let's consult RFC 8962. https://www.rfc-editor.org/rfc/rfc8962.html thanks, Rob
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
