On Tue, Mar 13, 2018 at 10:55 AM, Kai Engert <k...@kuix.de> wrote: > On 13.03.2018 15:35, Ryan Sleevi via dev-security-policy wrote: > > > >> Are the DigiCert transition CAs, which are part of the exclusion list, > >> and which you say are used for "Managed Partner Infrastructure", > >> strictly limited to support the needs of the Apple and Google companies? > > > > > > No. > > If the answer is "no", it means there are additional beneficials besides > Apple and Google. > > > > Apple is Apple. Google is Google. DigiCert is running the Managed Partner > > Infrastructure from the consensus plan, using the two transition CAs, in > > addition to the two pre-existing roots participating in Mozilla's root > > store. > > Which companies, other than Apple and Google, benefit from DigiCert > running the Manager Partner Infrastructure and from DigiCert being part > of the exclusion list? >
Kai, Please see if Peter's answer helps. I will be happy to answer follow-up questions if you are still confused, but I do want to stress, the Managed Partner Infrastructure consensus plan, discussed for months, addresses both the reasoning and the risk. Apple and Google *do not* benefit from the Managed Partner Infrastructure. They could, but at present, they do not. Hopefully, Peter's decomposition addresses the confusion. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
