On 17/01/18 19:49, Jakob Bohm wrote: > 3. Major vertical CAs for high value business categories that issue > publicly trusted certificates at better than EV level integrity. For
How do you define "major"? And "high value business category"? > 4. Selected company CAs for a handful of too-bit-to-ignore companies > that refuse to use a true public CA. So you think Mozilla's policy should include formal acknowledgement that some companies are too big to ignore? How do you decide which companies are in this category? Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy