> -----Original Message-----
> From: dev-security-policy [mailto:dev-security-policy-
> bounces+steve_medin=symantec....@lists.mozilla.org] On Behalf Of
> Gervase Markham via dev-security-policy
> Sent: Friday, June 02, 2017 10:54 AM
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: [EXT] Symantec response to Google proposal
> https://www.symantec.com/connect/blogs/symantec-s-response-google-
> s-subca-proposal
> Symantec have responded to the Google proposal (which Mozilla has
> endorsed as the basis for further discussion) with a set of inline
> which raise some objections to what is proposed.
> Google will, no doubt, be evaluating these requests for change and
> to accept, or not, each of them. But Mozilla can make our own independent
> decisions on these points if we choose. If Google and Mozilla accept a
> change, it is accepted. If Google accepts it but we decline to accept, we
> add it to our list of additional requirements for Symantec instead.
> Therefore, I would appreciate the community's careful consideration of the
> reasonableness of Symantec's requests for change to the proposal.
> Gerv

Thank you for posting this, Gerv.  We intended to post the following here.

Posting on behalf of Symantec.
Today, after thoroughly reviewing Google's proposal and weighing its merits
against feedback we've heard from the broader community, including our CA
customers, we shared our response with Google and the community, and also
posted our full response on our blog at

We anticipate that Google and the community will need some time to review
our feedback and share their reactions, and we welcome their continued input
as we work to reach an agreed-upon plan that can be implemented in a
reasonable timeframe and ensures minimal disruption for our customers. We
thank our customers and the community for their valuable contributions to
this important discussion, and we will continue working toward what we
believe is the best path forward for all stakeholders.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

dev-security-policy mailing list

Reply via email to