On Monday, 13 February 2017 13:23:47 UTC+1, Gervase Markham wrote: > The GoDaddy situation raises an additional issue. > > What can be done about the potential future issue (which might happen > with any large CA) of the need to untrust a popular intermediate? > Suggestions welcome. > > Gerv
Isn't this mostly something that CAs should keep in mind when they setup "shop"? I mean it would be nice to have a way of avoiding that kind of impact of course, but if they think it's best to put all their eggs in one basket... ;-) On the other hand, it's probably not possible to foresee what kind of partitioning will be needed if/when things go wrong. CU Hans _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy