On Mon, Sep 21, 2015 at 07:07:07PM -0700, Kathleen Wilson wrote: > > First, we need to determine if the Email trust bit should remain part of > Mozilla's CA Certificate Policy.
I'm really concerned about this. S/MIME and PGP are the only (popular) ways to do encryption over email. The encryption part is probably not the most impotant part of it, but the authentication of the sender is. As far as I know email is still very important to many people, I don't see that going away in the near future. Doing S/MIME or PGP might be complicted to set up, but at least some people are trying to improve the user experience. Removing the email trust bit seems like a step in the wrong direction. I really do not want to start an other root store. Kurt _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
