On 08/11/16 16:28, [email protected] wrote: > Is it your intent that once OneCRL-revoked intermediates are brought > into compliance that they'd be removed from OneCRL, or are they gone > for good, a warning sign to those who follow.
TBD. I'm enquiring about whether it's possible to remove certs and, if it is, what lingering effects (if any) that might have. > PS: Maybe it'd be good to use a source of randomness that is not from > the UK government. If someone can predict the lottery numbers, I suspect they would put that power to a different use than deciding which intermediate certificates Mozilla should distrust. Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
