[cabfpub] Teleconference Agenda

Gervase Markham gerv at mozilla.org
Thu Nov 7 11:21:12 UTC 2013

On 06/11/13 21:00, Ben Wilson wrote:
> On the first item, private key possession by CAs.  We ought to address
> secure private key generation by CAs, secure delivery to subscribers,
> and secure deletion of subscriber private keys from CA systems.  We
> ought to look what we already have written and then to policies that
> others have written as guidance for improvements to CABF policy.

An idea that floated into my mind was to mark (e.g. with an OID)
certificates where someone other than the subscriber generated the
private key. Full disclosure, and all that.


More information about the Public mailing list