On Tue, Jul 11, 2017 at 12:09 PM, Percy via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> On Tuesday, July 11, 2017 at 8:36:33 AM UTC-7, Ryan Sleevi wrote: > > > comply with the Baseline Requirements, nor, as designed, can it. The > system > > would need to undergo non-trivial effort to comply with the Baseline > > Requirements. > > If the system needs significant changes to meet the BR, then does it mean > the current security audit will no longer applies to the BR-complaint > system, assuming WoSign is ever able to produce one? That will be a question for Mozilla to assess with respect to its WoSign remediation actions. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy