On Thu, Mar 7, 2019 at 9:18 AM nadim--- via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> I would like to repeat my call for establishing a set of empirical
> requirements that take into account the context of DarkMatter's current
> position in the industry as well as their specific request for the
> inclusion of a specific root CA.


I also concur in this to the extent possible.


> While I don't necessarily fully support the method with which Benjamin
> chose to address Ryan's contributions to the discussion so far, I think
> we're all choosing to kid ourselves here if we continue to say that the
> underlying impetus for this discussion isn't primarily sociopolitical. The
> sooner an end is put to this, the better.
>

I concur in as far as the result, which is to say that I don't necessarily
say that it _is_ "primarily sociopolitical" but rather that there is at
least the appearance and nearly indefensible criticism that it could be.


> The right thing to do, right now, is for there to be a documented process
> through which a set of empirical, falsifiable, achievable requirements are
> set by either Mozilla, the CABForum, or both, for DarkMatter to fulfill so
> that they can be considered for inclusion. If these requirements are (1)
> defined fairly and (2) achieved by DarkMatter verifiably, then great.
> Otherwise, too bad.
>

Indeed the ramifications of a discretionary revocation of the intermediates
or block from joining the root program, if not objectively and cleanly
explained, would likely have a chilling effect on ANY newcomer.  When a
reasonable, documentable, objective path to earning and maintaining trust
in the program exists, investment of time and resources can reasonably
flow.  A new counter-case of an organization that has met all the
requirements and still somehow doesn't meet the bar would be most
discouraging.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
