[cabfpub] Mozilla Root Store Policy Update

Wayne Thayer wthayer at mozilla.com
Fri Nov 15 15:25:09 MST 2019


For those CA members who were not in attendance during my Mozilla Update
presentation in Guangzhou, I'd like to once again call attention to the
upcoming Mozilla policy changes that may affect you. Those changes include:

* Requiring EKUs in end-entity certificates by 1-July 2020
* Requiring specific CP/CPS formatting after 31-March 2020
* Clarifying the requirements for algorithms used in certificates
* Forbidding the delegation of the validation of the domain portion of en
email address in an S/MIME certificate

Please refer to the minutes of my presentation from the Guangzhou F2F
meeting, the redline of the new Mozilla policy [1], and the
mozilla.dev.security.policy mailing list archives for more information. If
you have questions or concerns about these changes, please post them to the
mozilla.dev.security.policy mailing list.

Thanks,

Wayne

P.S. - If anyone feels that this message  is off-topic, please let me know.
I'm trying to over-communicate these changes to avoid catching anyone by
surprise.

[1] https://github.com/mozilla/pkipolicy/compare/master...2.7?diff=split
(click on the 'files changed' tab)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20191115/8e05a645/attachment.html>


More information about the Public mailing list