Hi, On Fri, 22 May 2020 09:55:22 -0400 Ryan Sleevi via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
> Could you please cite more specifically what you believe is wrong > here? This is only a SHOULD level requirement. I think I said that more or less: > > I'm not going to file individual reports for the CAs. Based on > > previous threads I don't believe these are strictly speaking rule > > violations. I'm not claiming this is a severe issue or anything people should be worried about. It's merely that while analyzing some stuff I observed that AIA fields aren't as reliable as one might want (see also previous mails) and the mime types are one more observation I made where things aren't what they probably SHOULD be. I thought I'd share this observation with the community. -- Hanno Böck https://hboeck.de/ _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy