[cabfpub] Concerns regarding Mozilla Root Program/Baseline Requirements

Tue Aug 6 21:50:47 UTC 2013

On 08/07/2013 12:43 AM, From kirk_hall at trendmicro.com:
>
> Ryan and Eddy – if it was anyone’s intention to put CAs in the 
> position of breach of contract with their existing customers for 
> long-term certificates they had issued pre-BR (by effectively 
> prohibiting them under the BRs from reissuing an existing long term 
> cert for the balance of the cert validity period, as the CAs had 
> agreed to do with their customers by contract), that was never made 
> clear by anyone.
>

Well, as I mentioned earlier, if you are in this situation then fire 
your lawyers and whoever is responsible for setting up the policies and 
agreements. But there are other possible solutions to make a customer 
happy and still stay in compliance with the BR, I don't have to mention 
those here.

> If it had been made clear, I doubt many CAs would have supported that 
> position.  We don’t think that’s a common-sense interpretation of the 
> current BRs.
>

In my opinion it's the only logical interpretation and not only that, 
but we've discussed this extensively and the current BR was created by 
consensus being fully aware of the implications. Claiming otherwise 
would be a lie.

Regards
Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130807/d181d5b4/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130807/d181d5b4/attachment-0001.p7s>