On 15/05/15 00:01, Ryan Sleevi wrote: > On Thu, May 14, 2015 9:02 am, David E. Ross wrote: > >> With "cyberwarfare" constantly discussed in the news, U.S. Congress, and >> other venues, it appears to me that government CAs should indeed be >> restricted to the TLDs of their respective jurisdictions. >> >> Furthermore, since governments can apply pressure (often secretively) to >> commercial enterprises, a similar restriction should be applied to all >> commercial and non-government CAs. In this case, they should be >> restricted to TLDs of those jurisdictions where they have registered and >> whose governments have granted the CAs permission to operate. > > Unsurprisingly, this would make online communications less secure, rather > than more secure.
Can we stop discussion of this particular point (name-constraining non-government CAs) here, as it's been ruled explicitly out of scope? Thanks :-) > I think there's also the broader consideration of whether Mozilla's policy > interests are served by promoting borders on the Internet, which David's > proposal certainly does, but the broader question invariably does. > https://www.mozilla.org/en-US/about/manifesto/ , Items 2, 4, and 6 all > seem relevant to the broader discussion of the implications of such a > policy. It would be helpful if you could expand upon this point, and the relationship you see between those three principles and the proposal. > In case it's not clear, I think imposing name-constraints on CAs to be bad > for the web and not a scalable solution, even if it appears attractive :) Again, expansion on these points would be appreciated :-) Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
