I was thinking you should just have the Cas add them all for you. Makes it easier on you and demonstrates they are tracking and remediating these issues. If I were going to create a bug for these in Mozilla would you prefer to see one bug per issue on one bug per CA. For example, should there be a bug for all DigiCert issues or should there be one that describes too long of serial number and another that says the field contains meta-data?
-----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+jeremy.rowley=digicert.com@lists.mozilla .org] On Behalf Of Gervase Markham via dev-security-policy Sent: Wednesday, August 9, 2017 9:34 AM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: High traffic on this list, and Mozilla root program involvement On 09/08/17 00:12, Jeremy Rowley wrote: > Do you want that added as a new bug for all the issues listed? I'm not sure I follow. Do I want what added? I will be filing any additional appropriate bugs when I get around to triaging all the messages in this forum. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy