> On Aug 9, 2017, at 17:50, Peter Bowen <pzbo...@gmail.com> wrote:
> The point of certlint was to help identify issues. While I appreciate
> it getting broad usage, I don't think pushing for revocation of every
> certificate that trips any of the Error level checks is productive.
I agree, and I don’t really have a position on the revocation of certificates
with errors that do not appear to have any security impact like these.
dev-security-policy mailing list