On Tue, March 24, 2015 4:44 pm, Daniel Micay wrote:
>  They're willing to set the security standards *really low* because all
>  that matters is market share. I can't really understand how they ended
>  up in the position of having the dominant trust store used by FOSS
>  projects. Debian and other projects should move away from simply
>  shipping Mozilla's trust store as-is ASAP.

To be fair, Debian and other projects have even lower security standards.

That is, they still mark CACert as secure for SSL in "stable" (how is that
not a security update relevant, even if fixed in Unstable?!), haven't
updated the ca-certificates package to remove any of the CAs that Mozilla
removed for lack of current audits or modern crypto, and still include *as
trusted for SSL* all the certificates that can't even match Mozilla's
requirements for SSL (usually because of a lack of audits).

The two most important things for managing a root store:
- Keep it updated
- Keep on top of the audits

For what you decry about the Mozilla process, it's community driven and
excels at those two things, which is exactly how it became the dominant
trust store.

But yes, Debian moving away from what they do today would be great, if
only because their current use is even worse than you describe Mozilla's.

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
