On Friday, May 27, 2016 at 7:23:03 AM UTC-7, Peter Kurrasch wrote: > I'm opposed to allowing job postings in this forum. The focus should be > policy as that is the reason we have gathered here. > > Job postings generally are intended for people in a particular country with > a particular level of experience who are actively seeking or receptive to a > new job. Sending out off-topic messages that are intended for a subset of a > subset of a subset of people here sounds like spam to me. >
Policy and engineering are often intertwined - especially in the CA space. Our ability to enact meaningful policies that protect users is often directly correlated to CAs (and site operators) abilities to enact changes. Things like CAA, name constraints, and short-lived certificates are all prime examples of this - they relate to policies but require engineering. I would think that if we want to improve the state of the ecosystem, we also need to improve the state of the engineering. And it's clear that this forum, of perhaps all those out there, has the right confluence of people passionate about policy and interested in the engineering side. While I don't know to what extent the broader (lurking) community is able and receptive to such postings, the active participants are at least interested in developing a robust approach to user security - that is why we're here and care about the policies. If they could get paid for that (as many presently are volunteers), isn't that a win? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy