On 12.03.2018 22:19, Kathleen Wilson via dev-security-policy wrote: > Wayne and I have posted a Mozilla Security Blog regarding the current > plan for distrusting the Symantec TLS certs. > > https://blog.mozilla.org/security/2018/03/12/distrust-symantec-tls-certificates/
Hello Kathleen and Wayne, the blog post says, the subCAs controlled by Apple and Google are the ONLY exceptions. However, the Mozilla Firefox code also treats certain DigiCert subCAs as exceptions. Based on Ryan Sleevi's recent comments on this list, I had concluded that the excluded DigiCert subCAs are used to support companies other than Apple and Google. Is my understanding right or wrong? Are Apple and Google really the only beneficials of the exceptions, or should the blog post get updated to mention the additional exceptions? Thanks Kai _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy