> My organization, a significant government agency, just told people to stop > using Chrome and Firefox (and to use Internet Explorer) for major internal > applications because of their mutual decision to drop TLS version > negotiation support for 1.0. > > I channeled my passion in the direction of my IT group, explained the > security issue, and the issue is being resolved. They're fixing their > servers. It helps that "use IE" is a less viable strategy than it used to > be, and that Firefox is not -- as you've implied many times in this thread > -- taking this action alone. > > Spend your energy more usefully than this thread. > > -- Eric
I will, Eric, now that I see that, I will. I have never implied that Firefox acted alone. I just said it's harder to get it working. You seem to be interpreting my comments within your world view, possibly due to a defensive reaction to protect against a perceived criticism, possibly of past decisions. I have no bone in this fight. You guys are the ones doing the hard work. I'm just trying to protect it from going to waste. Firefox will never be a waste in itself. It's been a global icon. I just want to keep it that way. Are there two sides in Mozilla that need to forget the past and renew their vows and start respecting their positions? Technical guys need to do technical stuff and trust the strategy guys to be good at their stuff. Strategy guys need to be informed by tech guys so they need to listen, but everyone needs to share the same vision and goals. If one guy has a goal to lift security practices globally and another guy has a goal to get market share these goals need to be prioritised and managed and agreed to prevent destructive conflict. Maybe we need market share first and then lift practices second? Someone might have to wait, but better late than never. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy