I just started to read this, and need to read it more tomorrow. One initial point. I think we're sending mixed signals to readers about where is the appropriatre place for them to add comments about individual CA applications.
I've been telling people to disucss it in the newsgroup, NOT in bugzilla. I believe bugzilla is NOT the place for general advocacy discussions. I believe the comments in bugzilla about a particular application should be limited to a) the sole champion of the CA b) the "module owner" of the certificates module c) any developers specifically tasked with doing the jobs of making source changes. d) mozilla foundation members.
I'm with David Ross on this one. This should be a public process (as the policy explicitly specifies) and we can't and shouldn't limit who can comment on bugs related to CA certificates.
Now what we *can* do is discourage off-topic comments if they are made, and redirect people to the newsgroup for general advocacy comments. I think this problem will lessen once we have a formal policy, as then we will have a better guide as to what is off-topic and what is not.
Are there any outstanding trusted CA applications that are NOT yet represented by bugs that are blocked by bug http://bugzilla.mozilla.org/show_bug.cgi?id=233453 ?
Do we know who all the current applicants are?
I need to go through my inbox and match that up against the list of bugs. Unfortunately I don't have time to do that tonight.
Frank
-- Frank Hecker [EMAIL PROTECTED] _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
