Jump to: navigation, search


38 bytes added, 02:56, 28 January 2018
January 2018 CA Communication: Update Defn of technically constrained
ACTION 3: Disclose All Non-Technically-Constrained Subordinate CA Certificates
<br /><br />
Sections 5.3.1 and 5.3.2 of Mozilla Root Store Policy version 2.5 [5] require CAs to publicly disclose (via CCADB [6]) all subordinate CA certificates including those used to issue email S/MIME certificates by 15-January unless they are technically constrained via both EKU and Name Constraints to a whitelist set of validated domains. We have since changed the compliance deadline to 15-April 2018. Certificate monitors have detected over 200 certificates that currently do not comply with this new policy. [7] Please ensure that your CA is in compliance before 15-April 2018.
<br /><br />
[5]<br />

Navigation menu