It should come as no big surprise that I have documented this issue as our first auditor compliance bug[1]: https://bugzilla.mozilla.org/show_bug.cgi?id=1507376
I only included a brief summary of this discussion (and a link to it). Others are welcome to comment if you feel that I have omitted crucial information, but please don't start a parallel discussion in the bug. Ryan and Jacob: in my opinion, you have both remained reasonably respectful in the midst of a contentious discussion. Thank you very much for that. While I see some small steps being made toward a common understanding of the issue, there is still fundamental and subjective disagreement on the severity, and it's not clear to me that this thread is headed toward any sort of a constructive conclusion. I would greatly appreciate everyone's input on the actions (if any, other than documenting the issue) that Mozilla should take as a result of this discussion. - Wayne [1] https://groups.google.com/d/msg/mozilla.dev.security.policy/MOdS7CH_kU8/Kcl6E9-ZAgAJ On Wed, Nov 14, 2018 at 5:27 PM Jakob Bohm via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > Once again, you snipped most of what I wrote. > > Also not sure why your post has double reply marking. > > On 13/11/2018 18:20, Ryan Sleevi wrote: > > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
