Le mercredi 25 mars 2015 07:02:06 UTC+1, Daniel Micay a écrit : > > * Browser people detected this misissuance > > This one, but not at least several others issued by this CA.
Are you still talking about facts? Then please provide other mississued certificates. > > * CAs don't want to go out of business > > That's why browser vendors have more far more power than you're willing > to admit. You can kill their business by changing one a line of code... Does killing CA business create a shining new good world free of all Evil(tm)? > > * Even if by some chance you had the solution, you're going to have a > > hard time getting heard now > > The people who voiced strong, justified concerns against including this > CA weren't heard before. I doubt I'm saying anything that hasn't already > been said before on discussions you've read. They were heard. Their concerns were shared and studied. They weren't able to provide convincing arguments that the CA acted badly *as a CA*. That's different *now*, and while we *now* have good arguments they behaved badly, but it doesn't make the past 5 years of rant more true. Get your timeline straight. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
