On Tue, Sep 19, 2017 at 5:22 PM, Alex Gaynor via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> https://crt.sh/mozilla-certvalidations?group=version&id=896972 is a very
> informative graph for me -- this is the number of validations performed by
> Firefox for certs under this CA. It looks like at the absolute peak, there
> were 1000 validations in a day. That's very little value for our users, in
> return for an awful lot of risk.
> Alex


I agree that 1000 validations in a day is not much, or better to say really
low number. Anyway I was wondering what should be a minimum value or
whether this number is a good metric at all. I went through the Mozilla
validations telemetrics and there are more CAs with similliar number of

dev-security-policy mailing list

Reply via email to