On Wed, Jan 25, 2017 at 3:21 AM, Gervase Markham <[email protected]> wrote:
> On 24/01/17 17:12, Ryan Sleevi wrote: > > This means, as a practical matter, I strongly agree with Brian Smith's > > suggestion of having an explicit, enumerated list of algorithms (and > > parameters) in the Mozilla policy, with the caveat/expectation that > Mozilla > > policy will be able to be updated in a timely fashion w/r/t this section > if > > need be. > > You believe that such a scheme would definitely be better than a "delta" > scheme where the Mozilla policy said: "We allow what's in the BRs, but > with the removal of option X and the addition of option Y"? > Yes, I think it results in a clearer communication that is otherwise identical, and ensures that there is community consensus on policy changes :) _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
