On Thu, Mar 14, 2019 at 6:54 PM James Burton via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> Let's Encrypt CA software 'Boulder' is open source for everyone to browse > and check for issues. All other CAs should follow the Let's Encrypt lead > and open source their own CA software for everyone to browse and check for > issues. We might have found the serial number issue sooner. > Considering EJBCA is open-source, this does not seem that it would logically follow. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy