On Wednesday, 10 May 2017 17:52:40 UTC+2, Gervase Markham wrote: > On 09/05/17 16:51, Gervase Markham wrote: > > * Editing the proposal to withdraw the "alternative" option, leaving > > only the "new PKI" option. > > This has now been done: > > https://docs.google.com/document/d/1RhDcwbMeqgE2Cb5e6xaPq-lUPmatQZwx3Sn2NPz9jF8/edit# > > > * Engagement here in m.d.s.p. with the community to refine and flesh out > > the "new PKI" proposal, based on the Google outline but examining it and > > enhancing it to make sure it is practical, both from an implementation > > perspective and to reduce disruption to sites as far as possible. > > I would appreciate people's comments on the details of the current draft.
Makes sense to me. But it does seem to assume that Symantec will cooperate with this. What happens if they decide not to is less clear. Perhaps it would be a good idea to indicate which steps will be taken in any case? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy