On Tue, Oct 22, 2019 at 7:49 PM Matt Palmer via dev-security-policy < [email protected]> wrote:
> On Tue, Oct 22, 2019 at 03:35:52PM -0700, Kirk Hall via > dev-security-policy wrote: > > I also have a question for Mozilla on the removal of the EV UI. > > This is a mischaracterisation. The EV UI has not been removed, it has been > moved to a new location. > > > So my question to Mozilla is, why did Mozilla post this as a subject on > > the mozilla.dev.security.policy list if it didn't plan to interact with > > members of the community who took the time to post responses? > > What leads you to believe that Mozilla didn't plan to interact with members > of the community? It is entirely plausible that if any useful responses > that warranted interaction were made, interaction would have occurred. > > I don't believe that Mozilla is obliged to respond to people who have > nothing useful to contribute, and who don't accurately describe the change > being made. > > > This issue started with a posting by Mozilla on August 12, but despite > 237 > > subsequent postings from many members of the Mozilla community, I don't > > think Mozilla staff ever responded to anything or anyone - not to explain > > or justify the decision, not to argue. Just silence. > > I think the decision was explained and justified in the initial > announcement. No information that contradicted the provided justification > was presented, so I don't see what argument was required. > > > In the future, if Mozilla has already made up its mind and is not > > interested in hearing back from the community, it might be better NOT to > > start a discussion on the list soliciting feedback. > > Soliciting feedback and hearing back from the community does not require > response from Mozilla, merely reading. Do you have any evidence that > Mozilla staff did not, in fact, read the feedback that was given? > If you are representing yourselves as having an open process, the lack of response on the list does undermine that claim. The lack of interaction on that particular topic actually speaks volumes. Both parties in Congress have already signalled that they intend to go after 'big tech'. Security is an obvious issue to focus on. While it is unlikely Mozilla will be a target of those discussions, Google certainly is and one employee in particular. This is the point at which the smart people are going to lawyer up. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
