[cabfpub] Misissuance of certificates

Sigbjørn Vik sigbjorn at opera.com
Mon Jan 18 11:58:45 UTC 2016

On 15-Jan-16 20:01, Eneli Kirme wrote:
> Hi again, 
> We would like to clarify a bit about scope vs compliance. Can it be, that
> 1) Under root participating in root programs there’s a subordinate that
> issues certificates which are out of scope of BR-s (i.e. not intended
> for public web server authentication)?

No. The current understanding of the scope is all certificates chaining
to a root embedded in public browsers. A CA can choose itself which
roots are in scope, but not individual certificates.

Sigbjørn Vik
Opera Software

More information about the Public mailing list