On Friday, November 4, 2016 at 10:36:13 AM UTC-7, Gervase Markham wrote: > Here is the spreadsheet I am using to track my analysis of the SHA-1 > issuances discovered in crt.sh: > > https://docs.google.com/spreadsheets/d/1s0zsDjkHkPpFPd9LCtaJDgra5hqmcHmRor_sHSLl5Yg/edit > > It includes notes about each incident and my determination of what to > do. At the moment, bugs are open for all incidents I intend to pursue. > However, people may want to make a case for different action. > > GA stands for Grudgingly Accepted - in an ideal world this would not > exist but, for the given reason, no further action is planned. > > Gerv
Hi Gerv, If there's concerns about GAs - would it be best to reply on this thread or start a new one per-CA? _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
