On 15/09/17 08:53, Inigo Barreira wrote:
> Yes, you're right, that was on the table and also suggested by Mozilla, but
> the issue was that people from 360 are used to code in PHP and the old one
> was in Java and some other for which they are not so familiar and then was
> decided to re-write all the code in PHP trying to keep the same
> functionality.

Given the quality of code produced, it might have been better in hindsight to hire Java experts to work on the old codebase.

> Furthermore, with this decision, we also wanted to let the community know
> that this is totally a new CA system in all aspects, nothing related to the
> past, everything from scratch, so new coding, new programming language, new
> PKI system, infrastructure, etc. hoping this would make the community have a
> better impression of the new Startcom regarding the distrust issue.

"We rewrote everything from scratch" is not actually something which itself inspires confidence. In the case of WoSign, it was required of them because their old code was clearly terrible and buggy. But the reason the result would have to be strongly audited (were they to reapply) is that new code is riskier than old, tried-and-tested code.

I don't know if I ever wrote it down anywhere, but I'm fairly sure that switching back from the WoSign codebase to the older StartCom codebase (i.e. reversing the change you made after the purchase) was my suggestion for how StartCom should proceed after the distrust event. That doesn't mean you are required to take my advice, but it might have been a hint that I wouldn't consider "hey, we rewrote everything from scratch!" as a positive point.

Gerv

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy

