On Fri, Oct 25, 2019 at 4:21 AM James Burton wrote:
> Extended validation was introduced at a time when mostly everyone browsed
> the internet using low/medium resolution large screen devices that provided
> the room for an extended validation style visual security indicator .
> Everything has
On Thu, Oct 24, 2019 at 9:54 PM Peter Gutmann via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Paul Walsh via dev-security-policy
> writes:
>
> >we conducted the same research with 85,000 active users over a period of
> >12 months
>
> As I've already pointed out weeks
On Thu, Oct 24, 2019 at 5:31 PM Paul Walsh wrote:
> So, the next time a person says “EV is broken” or “website identity can’t
> work” please think about what I just said and imagine actual browser
> designers and developers who were/are responsible for that work. They were
> never given a chance
operations.
>
> On Wed, Oct 23, 2019 at 10:33 AM Phillip Hallam-Baker via
> dev-security-policy wrote:
>
>> On Tue, Oct 22, 2019 at 7:49 PM Matt Palmer via dev-security-policy <
>> dev-security-policy@lists.mozilla.org> wrote:
>>
>> > On Tue, Oct 2
On Tue, Oct 22, 2019 at 7:49 PM Matt Palmer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Tue, Oct 22, 2019 at 03:35:52PM -0700, Kirk Hall via
> dev-security-policy wrote:
> > I also have a question for Mozilla on the removal of the EV UI.
>
> This is a
Like I said, expect to defend this in House and Senate hearings.
This is a restraint of trade. You are using your market power to impede
development of the market.
Mozilla corp made no complaint when VeriSign deployed Issuer LogoTypes.
On Tue, Jul 16, 2019 at 8:17 PM Wayne Thayer via
On Thu, Jul 11, 2019 at 12:19 PM Wayne Thayer wrote:
> On Wed, Jul 10, 2019 at 7:26 PM Phillip Hallam-Baker <
> ph...@hallambaker.com> wrote:
>
>> Because then the Mozilla ban will be used to prevent any work on
>> logotypes in CABForum and the lack of CABForum rules will be used as
>> pretext
[Fixing the From to match list membership]
On Wed, Jul 10, 2019 at 2:41 PM housley--- via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Friday, July 5, 2019 at 7:53:45 PM UTC-4, Wayne Thayer wrote:
> > Based on this discussion, I propose adding the following statement
On Wed, Jul 10, 2019 at 4:54 PM Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Russ,
>
> >
> Perhaps one of us is confused because I think we're saying the same thing -
> that rules around inclusion of Logotype extensions in publicly-trusted
> certs should
[Fixing the From]
n Wed, Jul 10, 2019 at 6:11 PM Wayne Thayer wrote:
> On Wed, Jul 10, 2019 at 2:31 PM Phillip Hallam-Baker <
> ph...@hallambaker.com> wrote:
>
>> On Wed, Jul 10, 2019 at 4:54 PM Wayne Thayer via dev-security-policy <
>> dev-security-policy@lists.mozilla.org> wrote:
>>
>>> Russ,
On Wed, Jul 10, 2019 at 6:11 PM Wayne Thayer wrote:
> On Wed, Jul 10, 2019 at 2:31 PM Phillip Hallam-Baker <
> ph...@hallambaker.com> wrote:
>
>> On Wed, Jul 10, 2019 at 4:54 PM Wayne Thayer via dev-security-policy <
>> dev-security-policy@lists.mozilla.org> wrote:
>>
>>> Russ,
>>>
>>> >
>>>
On Wed, Jul 10, 2019 at 4:54 PM Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Russ,
>
> >
> Perhaps one of us is confused because I think we're saying the same thing -
> that rules around inclusion of Logotype extensions in publicly-trusted
> certs should
On Wed, Jul 10, 2019 at 2:41 PM housley--- via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Friday, July 5, 2019 at 7:53:45 PM UTC-4, Wayne Thayer wrote:
> > Based on this discussion, I propose adding the following statement to the
> > Mozilla Forbidden Practices wiki
On Wednesday, May 16, 2018 at 2:16:14 AM UTC-4, Tim Hollebeek wrote:
> This is the point I most strongly agree with.
>
> I do not think it's at odds with the LAMPS charter for 6844-bis, because I do
> not think it's at odds with 6844.
Updating 6844 is easy. Just define the tag and specify scope
When I wrote CAA, my intention was for it to apply to SSL/TLS certs only. I did
not consider S/MIME certs to be relevant precisely because of the
al...@gmail.com problem.
I now realize that was entirely wrong and that there is in fact great utility
in allowing domain owners to control their
15 matches
Mail list logo
