On Fri, Sep 4, 2015 at 4:53 AM, Gervase Markham <g...@mozilla.org> wrote:
> On 03/09/15 19:22, Kathleen Wilson wrote: > > 2) Remove included root certs that only have the Code Signing trust bit > > enabled. To our knowledge, no one is using such root certs via the NSS > > root store. > > This seems like a half-way house. If no-one is using our root store as a > code-signing root store, we should stop supporting the code-signing bit > entirely, remove the bit from all roots, and remove the UI associated > with it in all apps. > I would personally be OK with that, since I'm pretty sure there's nothing in the Mozilla code base that makes use of that trust bit. (All of the code signing the Firefox does is under hard-coded Mozilla-owned roots.) The questions of removing the bit entirely or removing UI, however, are for the NSS team and dev.tech.crypto, respectively. It does make sense for this group to opine on removing the code signing bit from all roots. If we agree to remove the code-signing-only roots, then removing the code-signing bit from other roots seems like an obvious additional step to me. --Richard > But if we still want to support the code-signing use case, we shouldn't > remove these roots. > > Gerv > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy