[cabfpub] Revocation ballot v2
Gervase Markham
gerv at mozilla.org
Wed Aug 23 17:45:26 MST 2017
On 23/08/17 17:39, Jeremy Rowley via Public wrote:
> “Certificate Problem Report: A complaint of suspected Key Compromise,
> Certificate misuse, or other types of fraud, compromise, misuse, or
> inappropriate conduct related to Certificates that is sent to an email
> address publicly specified in the CA’s repository. “
I think that if we want to mandate that the CA's Problem Reporting
Mechanisms include at minimum an email address, we should say that in
the relevant section, rather than slip it in here.
I would be in support of such a change. :-) We are considering it for
Mozilla policy. People currently find it too difficult to send reports
to multiple CAs, having to cope with lots of different mechanisms.
Gerv
More information about the Public
mailing list