Part 2 of 2 On Wednesday, March 6, 2019 7:51 PM, Ryan Sleevi wrote:>
> DarkMatter response to the serial number issue has demonstrated > that DarkMatter did not do the expected due diligence to investigate > and understand the issue. Your statement as Google's representative is quite disingenuous and self-serving. As a new member of the CABForum, we were not privy to the discussions for Ballot 164, and have interpreted the Baseline Requirements as they were written. We have made the necessary incident report and corrections. [1] We note that your own employer, Google, also discovered that it had the same entropy non-compliance with its serial numbers (as a result of the DarkMatter discussions highlighting it to them), and we presume that hundreds of thousands of certificate's would be affected globally (in comparison to the less than 300 impacted DarkMatter certificates).[2] Clearly the risk to users is larger in the Google case. Are you also going to accuse your employer (Google) as not having undertaken "the expected due diligence to investigate and understand the issue" that you demand from DarkMatter, and call for the same sanctions against Google that you wish to impose on DarkMatter? Does the Mozilla foundation stand by this double-standard because Google is one of its significant donors, and its default search engine? Reports indicate that in 2014, 90% of Mozilla's royalties revenue was derived from its contract with Google. We understand that the relationship persists today. [3] Transparency in a public discussion requires full disclosure and transparency from all - not just DarkMatter. > You have highlighted that you believe such articles are misleading, > but there are a number of unresponded questions to past replies > that seek to better understand. I am glad that you brought this up directly with me - and in this public discussion. Ryan, you have been one of the individuals who have been persistent in spreading this false narrative - as far back as February 2018 - during our initial submission to CABForum. We have duly noted and have been aware of your persistent attempts to interfere with our contractual relations. Your employer should know that we have had to expend considerable effort to defend against your back-room politicking, and defamatory innuendos, about the nature of our business. For the record, there are simply two (2) articles, which cite defamatory and categorically false sources, making utterly baseless allegations about DarkMatter's purpose and mission. These two narratives have been recycled repeatedly by journalists seeking a lurid and sensationalist myth-making angle on our purpose and mission. Repeating a lie ad-nauseam does not make it true. CA representatives (including the Mozilla representatives who have chosen to pre-judge DarkMatter using the same media sources ) do a great disservice to the idea of "trust" - when they persist in a concerted effort to accelerate this false narrative about DarkMatter, a commercial CA business head-quartered in the United Arab Emirates. Read my statement carefully: there are no ambiguities or loopholes in our categorical denials of any false claim made about DarkMatter in these misleading articles. These claims are baseless and have nothing to do with DarkMatter. It is very clear to us that your paternalistic dismissal of the need for regional or "local CAs" seems to indicate a hidden motivation: less CA's offering competitive services in the marketplace. Our view is clear and unambiguous: when CA's, or Root Store operators use their participation in the these process - in a manner that is intended to arbitrarily and without any valid proof, restrict or impede the inclusion of DarkMatter certificates, they are colluding to create an economic environment that is contrary to anti-trust laws. Benjamin Gabriel General Counsel Dark Matter Group Benjamin Gabriel | General Counsel & SVP Legal Tel: +971 2 417 1417 | Mob: +971 55 260 7410 benjamin.gabr...@darkmatter.ae The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy