Matt Palmer <mpal...@hezmatt.org> writes:
>On Mon, May 16, 2016 at 02:22:08PM +0200, Richard Z wrote:
>> knowingly issuing/tolerating certificates for sites known to inject 
>> malware is
>> * contrary to user expectaions
>
>[Citation needed]

So you're saying users expect CAs to certify malware sites?

(There have been plenty of user studies showing that users expect the padlock
to protect them from malware, hackers, and all sorts of other stuff.  Please
produce a study showing that users expect CAs to certify malware sites and
virus authors).

Peter.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to