Message Body (2 of 6) APPEAL TO MOZILLA FOUNDATION BOARD OF DIRECTORS 2) Procedural Fairness/Bias:
The Module Owner’s decision making activities, and the supporting actions of other Mozilla staff, were not procedurally fair, transparent, absent of bias, nor made in good-faith. a) The Applicants are headquartered in the United Arab Emirates, and have wholly-owned subsidiaries domiciled in Canada and the European Union. The Applicants conduct all of their business strictly in accordance with the laws of the jurisdictions in which they operate and continue to do so. Over the past three and half (3.5) years, the Applicants have successfully completed two (2) Web Trust public audits verifying that the Applicants CA business is operating in accordance with the technical standards stipulated within Mozilla Root Store Policy and the latest version of the CA/Browser Forum Requirements for the Issuance and Management of Publicly-Trusted Certificates. Furthermore, the Applicants have been ISO9001 and ISO27001 certified in their quality and information systems management as an independent verification of the management controls and governance in place for the operations of the business itself. b) To-date the Applicants have not been cited for any non-compliance with the laws of the jurisdictions in which they operate, and there has never been any credible evidence of their malfeasance in any form or shape whatsoever. c) Notwithstanding the above, by directly asserting and attributing a false innuendo of “MitM Certificates” to the Applicants’ intention, the Module Owner deliberately framed the public discussion about the merits of the Root Inclusion requests in a significantly detrimental manner from the outset. > “In the past Mozilla has taken action against CAs found to have issued MitM > certificates. > We are not aware of direct evidence of misused certificates in this case. > However, > the evidence does strongly suggest that misuse is likely to occur, if it has > not already.” [1] The Module Owner would have, or should have known, that framing the public discussion in such an inflammatory statement would “intentionally manipulate fact and reality” and deliberately distort the Root Inclusion discussion in a manner that misinforms the public about the Applicants Root Inclusion and their activities. The Module Owner chose to imply the negative innuendos about “MitM Certificates” even though there was no credible evidence available to him as to such malfeasance by the Applicants in the more than three (3) years within which as the Module Owner he would have been aware of the Applicants work and Root Inclusion request. d) Concerted efforts by Mozilla staff to publicly pre-judge the issue, by soliciting and providing follow-up interviews to the media, were solely intended to undermine the efforts of the Applicants in disputing the misleading articles used as the basis for biasing the Root Inclusion public discussions. > “We don’t currently have technical evidence of misuse (by DarkMatter) but the > reporting is strong evidence that misuse is likely to occur in the future if > it hasn’t > already,” said Selena Deckelmann, a senior director of engineering for > Mozilla. [2] The Module Owner, and Mozilla staff, would have, or should have, known that by deliberately fanning the controversy (as news-makers rather than impartial adjudicators), they would harm the prospects of a fair process for the Applicants’ Root Inclusion. We are of the view that Mozilla staff did a great disservice to the idea of "trust" - when they persisted in a concerted effort with Reuters - to accelerate the false narrative about the Applicants, solely because they were a commercial CA business head-quartered in the United Arab Emirates. This undue interference by the Module Owner, and Mozilla staff, demonstrated an abdication of impartiality, extreme prejudicial bias in the decision making process, and a hidden organizational animus, that is fatal to the idea of “due process” and “fundamental fairness” being accorded to the Applicants by Mozilla in this Root Inclusion. [1] https://groups.google.com/d/msg/mozilla.dev.security.policy/nnLVNfqgz7g/YiybcXciBQAJ [2] https://www.reuters.com/article/us-usa-spying-darkmatter/firefox-maker-fears-darkmatter-misuse-of-browser-for-hacking-idUSKCN1QL28T Benjamin Gabriel | General Counsel & SVP Legal Tel: +971 2 417 1417 | Mob: +971 55 260 7410 [email protected] The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
