|
|
| Line 233: |
Line 233: |
| == Response to Mozilla's list of Potentially Problematic Practices == | | == Response to Mozilla's list of Potentially Problematic Practices == |
| Review Mozilla's list of [[CA:Problematic_Practices | Potentially Problematic Practices.]] For each one, state if it is or is not applicable. For the ones that are applicable, provide URLs and section/page number information pointing directly to the sections of the CP/CPS documents that are relevant, and explain how you address the concern(s). | | Review Mozilla's list of [[CA:Problematic_Practices | Potentially Problematic Practices.]] For each one, state if it is or is not applicable. For the ones that are applicable, provide URLs and section/page number information pointing directly to the sections of the CP/CPS documents that are relevant, and explain how you address the concern(s). |
|
| |
| # [[CA:Problematic_Practices#Long-lived_DV_certificates | Long-lived DV certificates]]
| |
| # [[CA:Problematic_Practices#Wildcard_DV_SSL_certificates | Wildcard DV SSL certificates]]
| |
| # [[CA:Problematic_Practices#Email_Address_Prefixes_for_DV_Certs | Email Address Prefixes for DV Certs]]
| |
| # [[CA:Problematic_Practices#Delegation_of_Domain_.2F_Email_validation_to_third_parties | Delegation of Domain / Email validation to third parties]]
| |
| # [[CA:Problematic_Practices#Issuing_end_entity_certificates_directly_from_roots | Issuing end entity certificates directly from roots]]
| |
| # [[CA:Problematic_Practices#Allowing_external_entities_to_operate_subordinate_CAs | Allowing external entities to operate subordinate CAs]]
| |
| # [[CA:Problematic_Practices#Distributing_generated_private_keys_in_PKCS.2312_files | Distributing generated private keys in PKCS#12 files]]
| |
| # [[CA:Problematic_Practices#Certificates_referencing_hostnames_or_private_IP_addresses | Certificates referencing hostnames or private IP addresses]]
| |
| # [[CA:Problematic_Practices#Issuing_SSL_Certificates_for_Internal_Domains | Issuing SSL Certificates for Internal Domains]]
| |
| # [[CA:Problematic_Practices#OCSP_Responses_signed_by_a_certificate_under_a_different_root | OCSP Responses signed by a certificate under a different root]]
| |
| # [[CA:Problematic_Practices#SHA-1_Certificates| SHA-1 Certificates]]
| |
| # [[CA:Problematic_Practices#Generic_names_for_CAs | Generic names for CAs]]
| |
| # [[CA:Problematic_Practices#Lack_of_Communication_With_End_Users | Lack of Communication With End Users]]
| |
| # [[CA:Problematic_Practices#Backdating_the_notBefore_date | Backdating the notBefore date]]
| |