On Thu, Apr 02, 2015 at 09:18:05AM +0100, Gervase Markham wrote:
> On 01/04/15 23:44, Matt Palmer wrote:
> > 1) If they refuse to provide a list of currently issued certificates;
>
> I think this is unlikely, particularly as Google have decided to require
> CNNIC to agree to CT for all certificates in the future, and Google's
> blog post suggests that they have agreed to this.
On the other hand, CNNIC's blog post suggests that they haven't. There's
some serious cognitive dissonance going on here.
- Matt
--
I tend to think of "solution" as just a pretentious term for "thingy".
Doing that word substitution in my head makes IT marketing literature
somewhat more tolerable.
-- lutchann, in http://lwn.net/Articles/124703/
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
