On Thu, Mar 7, 2019 at 10:10 AM Ken Myers (personal capacity) via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
> Is the issue that a Dark Matter business unit may influence the Dark > Matter Trust Services (a separate unit, but part of the same company) to > issue certificates for malicious purposes? > > or is it a holistic corporate ethics issue (in regards to Mozilla > community safety) of a Mozilla-trusted service operated within a company > that sells offensive cyber services? > This particular question is one that I'd very much like to see the program address officially. I personally reject the "corporate ethics issue" as inappropriate to this domain, but I don't really get a vote. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy