136
edits
Changes
→Baseline Requirements: Fix typos
* BR subsections 3.2.2.4.1 and 3.2.2.4.5 were banned effective 1-August-2018.
** "CAs must stop using domain validation methods BR 3.2.2.4.1 and 3.2.2.4.5, stop reusing validation data from those methods"
* BR subsection 3.2.2.9 was banned by ballot SC15, effective 16-March 2019.* BR subsection 3.2.2.4.10 contains major vulnerabilitievulnerabilities. If the CA uses this method, then the CA should describe how they are mitigating those vulnerabilities. If not using this method, the CPS should say so.
* BR section 3.2.2.5(4) was updated by ballot SC7 to remove "any other method", effective 1-August 2019. Prior to that date:
** Saying the CA follows BR section 3.2.2.5 does not meet [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy#22-validation-practices Mozilla's disclosure requirements for this method]. The CPS must describe if/how "any other method" is implemented.
