Major +1. Removing this language is consonant with Mozilla objectives, with Web PKI trends, and with the health of the open web.
-- Eric On Thu, Apr 20, 2017 at 9:02 AM, Gervase Markham via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > There is an entry on Mozilla's Potentially Problematic CA Practices list > for Wildcard DV certs: > https://wiki.mozilla.org/CA:Problematic_Practices# > Wildcard_DV_SSL_Certificates > > This text was added by Frank Hecker when this page was very new back in > 2008, and has been basically unchanged since then: > https://wiki.mozilla.org/index.php?title=CA:Problematic_Practices&diff= > 92109&oldid=92084 > > I don't believe the issuance of wildcard DV certs is problematic in > practice. Mozilla is of the view that ubiquitous SSL is the highest > priority for the Web PKI, and wildcard certs are a part of that. Mozilla > also doesn't believe that it's the job of CAs to police phishing, which > is the concern raised. > > I propose this section be removed from the document. > > Gerv > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > -- konklone.com | @konklone <https://twitter.com/konklone> _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy