I share the desire to move faster than these dates, but upon
consideration, I don't think it's much of a boon to web security for
Mozilla to be substantially ahead of Chrome in implementing these trust
changes.
Since Chrome's decision to implement in April is final, their large user
population is
> On Jul 28, 2017, at 09:34, Alex Gaynor via dev-security-policy
> wrote:
>
> Frankly I was surprised to see Chromium reverse course on this -- they have
> a history of aggressive leadership in their handling of CA failures, it's a
> little disappointing to see them abandon that.
>
> I'd stron
On Friday, 28 July 2017 08:15:43 UTC+2, Gervase Markham wrote:
> Google have made a final decision on the various dates they plan to
> implement as part of the consensus plan in the Symantec matter. The
> message from blink-dev is included below.
>
> Most of the dates have consensus - the dates f
On 7/28/2017 6:34 AM, Alex Gaynor wrote:
> Frankly I was surprised to see Chromium reverse course on this -- they have
> a history of aggressive leadership in their handling of CA failures, it's a
> little disappointing to see them abandon that.
>
> I'd strongly advocate for us perusing an earlier
Hi Gerv,
Thank you for reaching out to the mdsp community.
There are valid security reasons to consider a dis-trust date earlier than
April 2018 for the corpus of Symantec certs issued prior to June 1st, 2016.
However, I also believe there are security and operational risks in
complicating the n
Frankly I was surprised to see Chromium reverse course on this -- they have
a history of aggressive leadership in their handling of CA failures, it's a
little disappointing to see them abandon that.
I'd strongly advocate for us perusing an earlier date -- December 1st at
the latest. Reasons:
1) C
As it stands, aligning with Chrome, plus/minus 14 days would be the best
approach.
It is of cause regrettable that Symantec managed to delay the decision
process until a time when key Mozilla personnel (most notable Gerv)
where unavailable, thus allowing Chrome to make the decisions while
Mozilla
With respect to the date of distrust of symantec certificates issues before
June 1, 2016, I believe Mozilla has a third option:
Remove indicators of trust (green lock, etc.) on December 1, 2017 for Symantec
certificates issued prior to June 1, 2016 (but do not produce interstitials and
do not a
8 matches
Mail list logo