What benefit does this provide, given the profound and lasting risk this introduces?
On Thu, Mar 8, 2018 at 2:49 PM, Anis via dev-security-policy < [email protected]> wrote: > root CA inclusion procedures are very long, so do not simplify them to > encourage the certification culture. > for example give root the chance to be included for a period of one year > during this time it is decided that it remains or not while respecting the > norms course. > if in the course of this period the root ca will make an error it will be > excluded in the next update or version of mozilla. > the first checks are carried out as usual but instead of consuming years > we will fix for example 6 months. > at the end of these 6 months a vote will be made to decide. > Anis > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
