[cabfpub] Misissuance of certificates

Sigbjørn Vik sigbjorn at opera.com
Mon Jan 18 11:58:45 UTC 2016


On 15-Jan-16 20:01, Eneli Kirme wrote:
> Hi again, 
> 
> We would like to clarify a bit about scope vs compliance. Can it be, that
> 
> 1) Under root participating in root programs there’s a subordinate that
> issues certificates which are out of scope of BR-s (i.e. not intended
> for public web server authentication)?

No. The current understanding of the scope is all certificates chaining
to a root embedded in public browsers. A CA can choose itself which
roots are in scope, but not individual certificates.

-- 
Sigbjørn Vik
Opera Software



More information about the Public mailing list