> True, but CAs can put technical constraints on that to limit the acceptable > passwords to a certain strength. (hopefully with a better strength-testing > algorithm than the example Tim gave earlier)
Tim is the best of us -- this is hard to do well :) _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy