On Mon, Feb 13, 2017 at 4:14 AM, Gervase Markham via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > On 10/02/17 12:40, Inigo Barreira wrote: >> I see many "should" in this link. Basically those indicating "should notify >> Mozilla" and "should follow the physical relocation section". > > It may be that this document does need redoing in formal policy > language. In the mean time, anyone uncertain about its meaning should > ask Kathleen.
Gerv, In addition to updating it to follow formal policy language, I would suggest adding it directly to the policy. As it stands today there are 79 pages in the wiki starting with "CA:". It simply isn't possible to know which ones are effectively part of the policy and which are other random things. I realize building and maintaining long policies is time consuming, but it is important to be clear. CAs are routinely called out for unclear or incomplete CPs and CPSes, so I think it is fair to ask Browsers to have clear and complete trust store policies. Thanks, Peter _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy