On Tue, Jan 19, 2021 at 07:28:17AM -0800, Ramiro Muñoz via dev-security-policy wrote: > Camerfirma is not the member with the highest number of > incidents nor the member with the most severe ones.
No, but Camerfirma's got a pretty shocking history of poor incident response, over an extended period, with no substantive evidence of improvement. *That* makes me not want to trust Camerfirma, because I have no confidence that problems are being handled in a manner befitting a globally-trusted CA. Further, Camerfirma's continued insistence that "it's all better now", in the face of all the contrary evidence, does not inspire confidence that there will be future improvement. - Matt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy