[cabfpub] (Eventually) requiring id-kpServerAuth for all certs in the chain?
Gervase Markham
gerv at mozilla.org
Fri Nov 21 04:49:22 MST 2014
On 21/11/14 03:06, Kelvin Yiu wrote:
> Instead of each browser root program maintaining their own separate
> audit requirements, would it be better for the CABF as a body to
> maintain a list of suitable audit criteria (along with the version of
> the audit criteria and possibly auditor qualification information) in a
> separate guidelines document that browsers can reference?
Mozilla reserves the right to accept audit criteria that we define. So
an advisory document which kept up with the latest in what WebTrust and
ETSI are doing would be great and welcome. (Something more mandatory
would not.)
Gerv
More information about the Public
mailing list