Proposal for certificate policy
Frank Hecker writes in the netscape.public.mozilla.crypto newsgroup:
As noted in prior discussions, the Mozilla Foundation and mozilla.org staff are considering adopting a formal policy regarding selection of new CA certificates for inclusion in the default certificate database distributed with Mozilla, Firefox, Thunderbird, etc. They have asked me to take the lead on attempting to create such a policy. As with prior policies I've been involved with (e.g., the policy for handling reports of Mozilla security vulnerabilities) my preferred approach is to try and develop this policy through a process of discussions in public forums and with parties affected by the policy (e.g., Mozilla developers and new CAs).
Check out the two Proposals:
- Mozilla Certificate Policy
- Mozilla Certificate FAQ
Ads:
2 Comments
http://bugzilla.mozilla.org/show_bug.cgi?id=215243
Comment by alanjstr at February 13, 2004 03:41 AM | Permalink
There's a bug filed in bugzilla for including an outside cert.
Comment by alanjstr at February 12, 2004 02:07 AM | Permalink