Gerv wrote, 
"Counter-question to many of these: who defines what is malware, and who
made them king?"

The contract that the CA enters into with the subscriber should have done
that.

Subscriber Agreements should have language in them that says something to
the effect, "We can revoke your certificate if you are [insert bad behavior]
as we determine [insert evidentiary standard or threshold]."  (The
evidentiary standard might be "as we reasonably believe", "as we determine
in our sole discretion", etc.)

_______________________________________________
dev-security-policy mailing list
https://lists.mozilla.org/listinfo/dev-security-policy