On Wednesday, May 31, 2017 at 11:04:53 AM UTC-5, Gervase Markham wrote: > > If you have suggestions on how to improve this definition, let's keep > brevity in mind :-)
Perhaps some reference to technologically incorrect syntax (i.e. an incorrectly encoded certificate) being a mis-issuance? How far does "those containing information which was not properly validated" go? Does that leave the opportunity for someone's tortured construction of the rule to suggest that a certificate that everyone agrees is NOT mis-issued is in fact technically mis-issued? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy