On Tuesday, June 25, 2024 at 5:07:19 PM UTC-4 Wayne wrote: Further to the latest report making no mention of that incident, in #1890898 there is a statement of intent of there being a second amended final report: https://bugzilla.mozilla.org/show_bug.cgi?id=1890898#c66 > Yes, we will amend the final incident report to reflect that we did our analysis
Is there any intent on there being a final report or is this cycle going to continue? If a judgment on Entrust's ability to make concrete statements will be made, there needs to be a final statement at some point. This update is the final report. We will address future questions through responses. And in regards to your response my statement let us not turn this into an ongoing back-and-forth with individuals. I will only address the last question whereby Entrust will not share how their new team will show any divergence from previous mistakes. The point of asking for an analysis of the 'new team' versus what happened historically is to provide any trust that the same mistakes will not be repeated but with a new badge in place. The lack of confidence in being able to provide that is distressing at this stage. - Wayne -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/28a4df3b-d545-4c4a-a4f0-8e5e71c5e9ben%40mozilla.org.
