In https://github.com/mozilla/pkipolicy/issues/19 Gerv talked about what shouldn't CA do but the discussion thread listed didn't continue.
There's my questions: 1. What's the definition about "The same organzition"? The structure of large companys are very complicated now. With unaccoutable transactions of shares It's too hard for normal internet users like me to distinguish. And I can't easily know if shareholders' mind affected the company's running. 2. What's MITM-style ? Since lots of CDNs like Cloudflare provide such a "MITI-style" service, there's a necessity to clarify it. 3. Is spying system avoidable? Since major IT companys had involved in PRISM, it's time to face it. 4.Is government CAs acceptable? _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
