On 04/06/17 03:03, Matt Palmer wrote: > For whatever it is worth, I am a fan of this way of defining "misissuance".
This is an "enumerating badness" vs. "enumerating goodness" question. My original draft attempted to (without limitation) enumerate some badness, and you and Ryan are suggesting that it would be better instead to enumerate goodness. I agree. However, enumerating goodness is a bit harder because you need to make sure you get all the goodness, so as not to accidentally ban something you want. This we could do, but I feel it would require consultation with CAs. Therefore, I will add the non-limiting enumerating badness version to the policy, as an improvement on the current wording which also enumerates badness, but I've filed these two issues: https://github.com/mozilla/pkipolicy/issues/86 https://github.com/mozilla/pkipolicy/issues/85 on improving this further in the future. Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
