Proposal for certificate policy
Frank Hecker writes in the netscape.public.mozilla.crypto newsgroup:
As noted in prior discussions, the Mozilla Foundation and mozilla.org staff are considering adopting a formal policy regarding selection of new CA certificates for inclusion in the default certificate database distributed with Mozilla, Firefox, Thunderbird, etc. They have asked me to take the lead on attempting to create such a policy. As with prior policies I've been involved with (e.g., the policy for handling reports of Mozilla security vulnerabilities) my preferred approach is to try and develop this policy through a process of discussions in public forums and with parties affected by the policy (e.g., Mozilla developers and new CAs).
There's a bug filed in bugzilla for including an outside cert.Comment by alanjstr at February 12, 2004 02:07 AM | Permalink