On 02/08/16 03:37, Rick Andrews wrote: > Symantec applied for, and received, approval from Microsoft, Google, > Mozilla and Apple to issue seven SHA-1 certificates.
Now that we have gone through the process for the first time, we should consider how it went and if we can make it both more secure and perhaps more streamlined in future. Several suggestions were made during the process for changes; perhaps now is the time for their proponents to re-state them, with rationale, and we can discuss them. (When I say "the process", I guess I mean the process documented by Google, which Mozilla considers a superset of its requirements. I am assuming that Google is open to discussion of further modifications to that document in the light of experience; if not, they should please let us know.) Gerv _______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
