Phillip, that was an unprofessional contribution to this list, that could be read as a legal threat, and could contribute to suppressing dialogue within this community. And, given that the employee to which it is clear you are referring is not only a respected community member, but literally a peer of the Mozilla Root Program, it is particularly unhelpful to Mozilla's basic operations.
On Wed, Oct 23, 2019 at 10:33 AM Phillip Hallam-Baker via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > On Tue, Oct 22, 2019 at 7:49 PM Matt Palmer via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > On Tue, Oct 22, 2019 at 03:35:52PM -0700, Kirk Hall via > > dev-security-policy wrote: > > > I also have a question for Mozilla on the removal of the EV UI. > > > > This is a mischaracterisation. The EV UI has not been removed, it has > been > > moved to a new location. > > > > > So my question to Mozilla is, why did Mozilla post this as a subject on > > > the mozilla.dev.security.policy list if it didn't plan to interact with > > > members of the community who took the time to post responses? > > > > What leads you to believe that Mozilla didn't plan to interact with > members > > of the community? It is entirely plausible that if any useful responses > > that warranted interaction were made, interaction would have occurred. > > > > I don't believe that Mozilla is obliged to respond to people who have > > nothing useful to contribute, and who don't accurately describe the > change > > being made. > > > > > This issue started with a posting by Mozilla on August 12, but despite > > 237 > > > subsequent postings from many members of the Mozilla community, I don't > > > think Mozilla staff ever responded to anything or anyone - not to > explain > > > or justify the decision, not to argue. Just silence. > > > > I think the decision was explained and justified in the initial > > announcement. No information that contradicted the provided > justification > > was presented, so I don't see what argument was required. > > > > > In the future, if Mozilla has already made up its mind and is not > > > interested in hearing back from the community, it might be better NOT > to > > > start a discussion on the list soliciting feedback. > > > > Soliciting feedback and hearing back from the community does not require > > response from Mozilla, merely reading. Do you have any evidence that > > Mozilla staff did not, in fact, read the feedback that was given? > > > > If you are representing yourselves as having an open process, the lack of > response on the list does undermine that claim. The lack of interaction on > that particular topic actually speaks volumes. > > Both parties in Congress have already signalled that they intend to go > after 'big tech'. Security is an obvious issue to focus on. While it is > unlikely Mozilla will be a target of those discussions, Google certainly is > and one employee in particular. > > This is the point at which the smart people are going to lawyer up. > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > -- Eric Mill 617-314-0966 | konklone.com | @konklone <https://twitter.com/konklone> _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
