On Sun, May 7, 2017 at 6:09 PM, Rick Andrews via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> I'm posting this on behalf of Symantec: > > We would like to update the community about our ongoing dialogue with > Google. > > Following our May 4th post, senior executives at Google and Symantec > established a new dialogue with the intention to arrive at a new proposal > for the community that addresses the substantial customer impact that would > result from prior proposals. We urge Symantec customers and the browser > community to pause on decisions related to this matter until final > proposals are posted and accepted. This call for the browser community to not make any decisions until Google and Symantec finalize and accept a proposal completely marginalizes and ignores both Mozilla and the broader web community. The "new dialogue" part also comes across as having gone over Ryan's head. This is unfortunately consistent with Symantec's latest blog post, which unprofessionally referred to proposals by "Mr. Sleevi" and "Mr. Markham". These statements personalize the issue and marginalize the proposals by casting them as individual opinions and not the views of their organization. They also reinforce the perception that Symantec sees their situation as the product of an unreasonable person or two and not the result of their own errors. This list just spent the last two weeks focused on a large host of issues, curated by Mozilla on their wiki and discussed by the broader community here. So far, all Symantec has done to publicly respond to those is to send a single email per-issue, and then not otherwise participate in the discussion beyond blog posts. Posting a call to Mozilla's community list asking for Mozilla and its community to pause while Symantec gets on the phone with senior Google executives to work it all out is a baffling tactic. I hope Mozilla continues to assert its stake in this process. -- Eric The intent of both Google and Symantec is to arrive at a proposal that > improves security while minimizing business disruption across the community. > > We want to reassure the community that we are taking these matters and the > impact on the community very seriously. > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
