Richard Moore via dev-security-policy <dev-security-policy@lists.mozilla.org> writes:
>If any other CA wants to check theirs before someone else does, then now is >surely the time to speak up. I'd already asked previously whether any CA wanted to indicate publicly that they were compliant with BR 7.1, which zero CAs responded to (I counted them twice). This means either there are very few CAs bothering with dev-security- policy, or they're all hunkering down and hoping it'll blow over, which given that they're going to be forced to potentially carry out mass revocations would be the game-theoretically sensible approach to take: Option 1: Keep quiet case 1 (very likely): -> No-one notices, nothing happens. Keep quite case 2 (less likely): -> Someone notices, revocation issues. Option 2: Say something -> Revocation issues. So keeping your head down would be the sensible/best policy. Peter. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy