On Monday, October 31, 2016 at 4:40:49 PM UTC-7, Percy wrote: > Ryan, > It's great Chrome will distrust WoSign and StartCom. Google's blog post > stated that "Due to a number of technical limitations and concerns, Google > Chrome is unable to trust all pre-existing certificates while ensuring our > users are sufficiently protected from further misissuance.". Could you > elaborate what whitelist method will Google adopt?
You should star this bug - https://bugs.chromium.org/p/chromium/issues/detail?id=661003 - for additional details. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
