On 9/11/15 10:55 AM, Brian Smith wrote:
> The same argument applies to email. Nobody wants to admit that Thunderbird
> is dead, it is uncomfortable to know that the S/MIME handling in
> Thunderbird has been unmaintained for at least half a decade, and it's a
> little embarrassing to admit that the model we use for deciding which CAs
> get the SSL trust bit works even less well for S/MIME and that basically
> nobody cares about the S/MIME or code signing bits. But that's all true.
> It's my professional opinion that if you actually care about S/MIME
> security then it would be a mistake to use Thunderbird. (Sorry, people
> volunteering to keep Thunderbird going.)

I still use Thunderbird, so I appreciate the volunteers who continue to
support it!

Anyways, let's not discuss the Email trust bit in this particular
discussion thread. I would like to keep this particular discussion
focused on the policy proposal to remove the Code Signing trust bit.

We will have a separate discussion about the Email trust bit later when
we talk about the following item:

https://wiki.mozilla.org/CA:CertificatePolicyV2.3#General_Policy_Cleanup
-- (D27) Clarify which audit criteria are required depending on which
trust bits are set. In particular, root certs with only the S/MIME trust
bit set will have different audit criteria requirements than root certs
with the Websites trust bit set.

When we have that discussion, please feel free to re-voice your opinion
about completely removing the Email trust bit, and I can also clarify
what checks we currently do when a CA asks for the Email trust bit.

Thanks,
Kathleen