Subject: Policy-Discussion
List archive
- From: Daniel Black <daniel AT cacert.org>
- To: "Policy-Discussion" <cacert-policy AT lists.cacert.org>
- Subject: DRC for audit - acceptability
- Date: Fri, 26 Mar 2010 16:54:57 +1100
- Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT cacert.org; dkim-asp=none
- Organization: CAcert
It was decided long long ago to go for DRC with the audit.
It has been asked as to whether Mozilla will accept this[1].
Given Mozilla CA Certificate Policy (Version 1.2) #12 allows us to request a
preliminary determination with regard to DRC policy[2] it seems prudent to do
so.
Also questioned is the practicality of DRC like:
C.3.e The root certificate private key pass-phrase (i.e. password)
is not stored electronically or physically. [3][4]
Before we ask to the applicability of DRC lets look at the DRC that we cannot
meet, why, an alternatives in the same spirit.
Please review and document on this list DRC that is hard/impractical to
meet[5].
[1] https://lists.cacert.org/wws/arc/cacert-root/2010-01/msg00012.html
[2] http://www.mozilla.org/projects/security/certs/policy/
[3] https://lists.cacert.org/wws/arc/cacert-root/2010-01/msg00015.html
[4] https://lists.cacert.org/wws/arc/cacert-policy/2010-03/msg00070.html
[5] http://audit.cacert.org/svn/DRC/browser.php
--
Daniel Black
CAcert
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- DRC for audit - acceptability, Daniel Black, 03/26/2010
- Re: DRC for audit - acceptability, Faramir, 03/27/2010
- Re: DRC for audit - acceptability - C.3.e, Daniel Black, 03/27/2010
- Re: DRC for audit - acceptability - C.3.e, Ian G, 03/27/2010
- Re: DRC for audit - acceptability - C.3.e, Daniel Black, 03/27/2010
- Re: DRC for audit - acceptability C.3.e - root password protection not electronically/physically stored, Daniel Black, 03/30/2010
- Re: DRC for audit - acceptability, Faramir, 03/27/2010
Archive powered by MHonArc 2.6.16.