I hope you can understand that trust is not just based on the state of the world 'today', but based on everything that key has ever done and every bit of infrastructure that key has run on.
We know that key has been run on deficient infrastructure, with deficient software, and done deficient things. The continued public examination has continued to find and discover new issues since 2016. While remedying these issues is a crucial minimum step towards trust, it only gets you to a point where the current infrastructure might be suitable to be trusted going forward. Ensuring the creation of a new root, with new keys, which has never certified any of the deficient infrastructure, is the only way the public has to ensure they are not introducing additional risk to their users. On Mon, Feb 12, 2018 at 3:23 PM, YairE via dev-security-policy < email@example.com> wrote: > Dear Ryan, with all due respect and we do respect you, back in 2016 all > the issues you mentioned were about the CPS and were corrected. > It took us a lot to create the documentation you've asked for. > There was no mentioning of any kind about our CA software or anything > about the root itself. > We believe that by solving all the problems that you've rose - we have > shown integrity and that we are trustworthy and we expected to hear a minor > good word about accomplishing the correction you've asked for including > creating a complete new CPS, which have costed us a lot of time. > We initiated out of our own integrity the new CA environment (nobody > forced us to do so), and created already the new CA environment and one of > our considerations was to use a trusted company like MS and not a > relatively small vendor of CA. We knew they have some functionality > disadvantages in their software but we hope they will correct it. > As mentioned – we do agree that we need to switch our CA software ASAP and > we are doing so and make progress every day. We did all the corrections > you've asked for. If not – please point them out. > You now, after we did everything you've asked for, put dark shadow, over > our trust and we do not see why. The only real point now is that we've used > and still are using a software that must be replaced ASAP. > Bear in mind please that we cannot switch in one day because we need the > approval of the government to every step we plan. > In conclusion, we don’t see any trust problems regarding Comsign itself > and\or this particular root. > We still ask that this root will be approved on the new MS-CA when we > switch to it, and we see no need to decline our request as long as we > continue to comply with the BR and issue on a trusted CA software. > _______________________________________________ > dev-security-policy mailing list > firstname.lastname@example.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list email@example.com https://lists.mozilla.org/listinfo/dev-security-policy