On 22/01/2018 10:47, Gervase Markham wrote:
On 19/01/18 13:20, Jakob Bohm wrote:
My suggestions are only meant to inspire formal rules written / chosen
by module leaders such as you.
But the entire point of this discussion is that we are pointing out it's
hard to make such rules in the way you have just made them without being
arbitrary, and arbitrariness is something we want to avoid. So giving us
an example arbitrary ruleset is not really moving the discussion forward
much.
Ok, I was replying mostly to your assessment that this would be subject
to approval of each CA by /me/.
For the too-big-to-ignore case, a formal no-human-judgement required
criteria would be something like the issue affecting at least a certain
percentage of Internet traffic of the relevant protocol (such as
https+imaps+pop3s+smtps and the "STARTTLS" equivalents for TLS uses in
Mozilla code, or e-mail traffic for S/MIME), not including internal
traffic by the CA owner and their closest partners.
For the vertical CA case, a formal criteria would be either prior
inclusion in the Mozilla root program or acceptance from two other root
programs in the CAB/F.
Though in both cases, I think that human judgement by the relevant
Mozilla people after public discussion would be a more accurate test,
since both are meant to be exceptional cases, not the norm. As an
actual policy decision would be involved, the category approval (as
opposed to the technical approval) would need more than the usual 3 week
discussion.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
