On Wednesday, 22 November 2017 18:03:53 CET Matthew Hardeman via dev-security- policy wrote: > Hi, > > I touched on my thoughts on this matter a bit before. > > This is really about trust. > > I think several factors must be weighed here: > > 1. Is "trust" really required of a CA in a soon-to-be > post-mandatory-CT-log world?
dealing with incidents burns people's time, making sure that this is minimised is at the very least a common courtesy -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy