Re: DarkMatter Concerns

2019-03-07 Thread Nadim Kobeissi via dev-security-policy
On Thu, Mar 7, 2019, 4:29 PM Ryan Sleevi wrote: > > On Thu, Mar 7, 2019 at 10:18 AM nadim--- via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > >> I think we're all choosing to kid ourselves here if we continue to say >> that the underlying impetus for this discussion

Re: DarkMatter Concerns

2019-03-22 Thread Nadim Kobeissi via dev-security-policy
What a strange situation. On the one hand, denying DarkMatter's CA bid because of these press articles would set the precedent of refusing to accept the engagement and apparent good faith of a member of the industry, based only on hearsay and with no evidence. On the other hand, deciding to move

Re: DarkMatter Concerns

2019-06-23 Thread Nadim Kobeissi via dev-security-policy
That article doesn’t seem to say anything new about Dark Matter that hasn’t been reported before, doesn’t present evidence and doesn’t cite sources. Furthermore the article appears to allege that Dark Matter “discussed” potentially targeting The Intercept, not that it “tried to hack several of

Re: DarkMatter Concerns

2019-07-10 Thread Nadim Kobeissi via dev-security-policy
his > can't be considered credible. > > [1] > https://foreignpolicy.com/2017/12/21/deep-pockets-deep-cover-the-uae-is-paying-ex-cia-officers-to-build-a-spy-empire-in-the-gulf/ > > On 7/9/19 6:09 PM, Nadim Kobeissi via dev-security-policy wrote: > > Dear Wayne, > > >

Re: DarkMatter Concerns

2019-07-10 Thread Nadim Kobeissi via dev-security-policy
I would like to support the statements made by both Fabio and Scott to the extent that if Mozilla is to go forward with this decision, then I fully expect them to review their existing CAs and to revoke onto OneCRL every one of them that has some news report of blog post linking them to nefarious

Re: DarkMatter Concerns

2019-07-10 Thread Nadim Kobeissi via dev-security-policy
ion for your continued engagement, Nadim Kobeissi Symbolic Software • https://symbolic.software Sent from office On Wed, Jul 10, 2019 at 7:33 PM Ryan Sleevi wrote: > > > On Wed, Jul 10, 2019 at 1:07 PM Nadim Kobeissi via dev-security-policy < > dev-security-policy@lists.mozilla.org> w

Re: DarkMatter Concerns

2019-07-10 Thread Nadim Kobeissi via dev-security-policy
: > > > On Wed, Jul 10, 2019 at 2:15 PM Nadim Kobeissi via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > >> Indeed I would much rather focus on the rest of the elements in the >> Mozilla >> Root Store Policy ( >> >> http

Re: DarkMatter Concerns

2019-07-10 Thread Nadim Kobeissi via dev-security-policy
Dear Ryan, In outlining the two paths that I presented at the end of my previous email, I made sure to illustrate the choice between them as one that comes repeatedly -- a conscious choice that every time produces a small, incremental improvement, often through a tiresome and onerous process.

Re: DarkMatter Concerns

2019-07-09 Thread Nadim Kobeissi via dev-security-policy
Dear Wayne, I fully respect Mozilla's mission and I fully believe that everyone here is acting in good faith. That said, I must, in my capacity as a private individual, decry what I perceive as a dangerous shortsightedness and lack of intellectual rigor underlying your decision. I do this as

Re: DarkMatter Concerns

2019-07-16 Thread Nadim Kobeissi via dev-security-policy
I think it's interesting how one of the main technical arguments for denying DarkMatter's root inclusion request -- the misissuance of certificates with 63-bit identifiers instead of 64-bit identifiers, also affected Google, Apple and Godaddy, and to a much greater extent:

Re: DarkMatter Concerns

2019-07-09 Thread Nadim Kobeissi via dev-security-policy
I wanted to supplement my previous email with an observation on how this decision is already being covered by the same news outlet that are being cited in the case against DarkMatter. Reuters wrote this article: