在 2016年10月21日星期五 UTC+8下午6:48:21,marc....@gmail.com写道: > Am Freitag, 21. Oktober 2016 03:59:08 UTC+2 schrieb Percy: > > Kathleen, > > As most users affected by this decision are Chinese, will you be able to > > make the blog post available in Chinese on the security blog as well? You > > can ask the Chinese firefox community or me to translate. > Hi, > > only the distrust of Wosign affects mostly chinese Users. > > The distrust of StartCom affects individuals, non profit organizations and > small companies worldwirde. StartCom was the only CA where these people and > groups could get ov,dv,s/mime and code signing certificates for a reasonable > price. Of course the incidents needed clarification and ofcourse actions are > to be taken to prevent such behaviour in future. But Gerv stated that the > main reasons for the harsh punishment are the lies and deceptions. The > responsible person is no longer in charge, StartCom has to pay a lot of money > to make the changes required by Mozilla. This is OK and fine from the view of > a customer / user. > > But with distrusting StartCom roots Mozilla isn't increasing security for > their users and the web, Mozilla will decreasing the security. > > A lot of people which have secured their services and code will lose this > possibility. From the view of a user not really understandable. > > > Just the opinion of a user who is securing services, websites and his mails > with certificates but is not capable of paying hundreds of Euros / Dollars > for achieving this goal every year. > > Greetings > > Marc
I am also a StartCom's SSL & S/MIME certificate user. The only problem for me is that I must re-config nginx. S/MIME have a lot of alternatives for free. Code Signing may only works on Windows but Microsoft seems like don't care about this because CNNIC is still trusted. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy