[cabfpub] Misissuance of certificates
Sigbjørn Vik
sigbjorn at opera.com
Mon Jan 18 11:58:45 UTC 2016
On 15-Jan-16 20:01, Eneli Kirme wrote:
> Hi again,
>
> We would like to clarify a bit about scope vs compliance. Can it be, that
>
> 1) Under root participating in root programs there’s a subordinate that
> issues certificates which are out of scope of BR-s (i.e. not intended
> for public web server authentication)?
No. The current understanding of the scope is all certificates chaining
to a root embedded in public browsers. A CA can choose itself which
roots are in scope, but not individual certificates.
--
Sigbjørn Vik
Opera Software
More information about the Public
mailing list