Comment 128 for bug 232340

So it took you 3 years to write a policy... which has to be followed by cacert.

So when did all the other authorities pass this policy? I believe mozilla/firefox shipped with their certificates long before this policy was even around.

So why delay for cacert for so many years and ask them to have this evaluation when all the other authorities have been included no-queastions-asked?

Not to mention that forcing a cacert to find a 3rd party (and probably spend money on this) isn't exactly ideal for them i believe. They are giving free server certificates after all, not charging by the bucket load.