Here is my analysis and proposal for what actions the Mozilla CA Certificates module owner should take in respect of Symantec.
https://docs.google.com/document/d/1RhDcwbMeqgE2Cb5e6xaPq-lUPmatQZwx3Sn2NPz9jF8/edit# Please discuss the document here in mozilla.dev.security.policy. A good timeframe for discussion would be one week; we would aim to finalise the plan and pass it to the module owner for a decision next Monday, 8th May. Note that Kathleen is not around until Wednesday, and may choose to read rather than comment here. It is not a given that she will agree with me, or the final form of the proposal :-) Gerv _______________________________________________ dev-security-policy mailing list firstname.lastname@example.org https://lists.mozilla.org/listinfo/dev-security-policy