---------- Forwarded message ---------- From: Brian Smith <[email protected]> Date: Thu, Oct 1, 2015 at 7:15 AM Subject: Re: Policy Update Proposal: Remove Code Signing Trust Bit To: Gervase Markham <[email protected]> Cc: "[email protected]" <[email protected]>
On Wed, Sep 30, 2015 at 11:05 PM, Gervase Markham <[email protected]> wrote: > On 01/10/15 02:43, Brian Smith wrote: > > Perhaps nobody's is, and the whole idea of using publicly-trusted CAs for > > code signing and email certs is flawed and so nobody should do this. > > I think we should divide code-signing and email here. I can see how one > might make an argument that using Mozilla's list for code-signing is not > a good idea; a vendor trusting code-signing certs on their platform > should choose which CAs they trust themselves. > > But if there is no widely-trusted set of email roots, what will that do > for S/MIME interoperability? > First of all, there is a widely-trusted set of email roots: Microsoft's. Secondly, there's no indication that having a widely-trusted set of email roots *even makes sense*. Nobody has shown any credible evidence that it even makes sense to use publicly-trusted CAs for S/MIME. History has shown that almost nobody wants to use publicly-trusted CAs for S/MIME, or even S/MIME at all. Further, there's been actual evidence presented that Mozilla's S/MIME software is not trustworthy due to lack of maintenance. And, really, what does Mozilla even know about S/MIME? IIRC, most of the S/MIME stuff in Mozilla products was made by Sun Microsystems. (Note: Oracle acquired Sun Microsystems in January 2010. But, I don't remember any Oracle contributions related to S/MIME. So, yes, I really mean Sun Microsystems that hasn't even existed for almost 6 years.) Cheers, Brian -- https://briansmith.org/ -- https://briansmith.org/ _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
