Re: Blog: Why Does Mozilla Maintain Our Own Root Certificate Store?
On 19/02/2019 04:04, Ryan Sleevi wrote: > On Mon, Feb 18, 2019 at 4:59 PM Jakob Bohm via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > >> On 14/02/2019 23:31, Wayne Thayer wrote: >>> This may be of interest: >>> >>> >> https://blog.mozilla.org/security/2019/02/14/why-does-mozilla-maintain-our-own-root-certificate-store/ >>> >> >> Nice write up. >> >> Two points only briefly covered: >> >> - Because many open source OS distributions use the Mozilla root store, >>replacing the Mozilla root store by relying on the OS root store would >>cut off its own feet. >> >> - Some participants in the community actively refuse to support use of >>the Mozilla root store in other open source initiatives. >> > > It’s not productive or helpful to continue engaging like this. I was merely suggesting that whatever view Thayer (not you) has on these two points was missing from the blog post. Nothing more, nothing less. The first point is yet another reason why Mozilla provides it's own root store rather than relying on the OS one (the main theme of Thayer's blog post). The second point is something closely related that has no rationale in the FAQ, only a description of the situation. The blog post actually mentions that those downstreams exist, so it would be relevant to mention any policy on this. And I would highly appreciate if you stopped with your incessant bullying and trolling (and not just of me), which has been going on for years now. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: Blog: Why Does Mozilla Maintain Our Own Root Certificate Store?
On Mon, Feb 18, 2019 at 4:59 PM Jakob Bohm via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On 14/02/2019 23:31, Wayne Thayer wrote: > > This may be of interest: > > > > > https://blog.mozilla.org/security/2019/02/14/why-does-mozilla-maintain-our-own-root-certificate-store/ > > > > Nice write up. > > Two points only briefly covered: > > - Because many open source OS distributions use the Mozilla root store, > replacing the Mozilla root store by relying on the OS root store would > cut off its own feet. > > - Some participants in the community actively refuse to support use of > the Mozilla root store in other open source initiatives. > It’s not productive or helpful to continue engaging like this. https://wiki.mozilla.org/CA/FAQ has captured module peers and owners views on this, after feedback from the community, also linked from the FAQ. I understand you’re dissatisfied with this decision, but it’s extremely poor form to continue making these little asides, and unclear what you hope to accomplish, if anything. https://blog.jessfraz.com/post/the-art-of-closing/ is an excellent post to help understand why “no” is far more healthy for a project than “yes”. The joy of open source is that, if you disagree with that direction, you’re free to go your own way and do your own thing. Indeed, in many ways, it can be more healthy for open-source projects that if folks don’t feel their contributions are being accepted for them to go their own way and create their own communities, rather than engaging with negativity. However, continually sniping at members of the community, attempting to relitigate past decisions, or “casually” bringing them up disparagingly are all profoundly unenjoyable behaviors, and thus worth avoiding. ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: Blog: Why Does Mozilla Maintain Our Own Root Certificate Store?
On 14/02/2019 23:31, Wayne Thayer wrote: This may be of interest: https://blog.mozilla.org/security/2019/02/14/why-does-mozilla-maintain-our-own-root-certificate-store/ Nice write up. Two points only briefly covered: - Because many open source OS distributions use the Mozilla root store, replacing the Mozilla root store by relying on the OS root store would cut off its own feet. - Some participants in the community actively refuse to support use of the Mozilla root store in other open source initiatives. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Blog: Why Does Mozilla Maintain Our Own Root Certificate Store?
This may be of interest: https://blog.mozilla.org/security/2019/02/14/why-does-mozilla-maintain-our-own-root-certificate-store/ - Wayne ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy