> > Right now the list excludes anything with a certain set of name > constraints and anything that has EKU constraints outside the in-scope > set. I'm suggesting that the first "layer" of CA certs always should > be disclosed. >
I understand now. In that, I fully concur. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy