On Tue, Mar 12, 2019 at 11:18 PM bif via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> FWIW, the easiest would've been to remove "positive" aspect of serials. > Who really cares? A random number is a random number. > RFC 5280 cares, as it's been a long-standing source of compat issues, which is why RFC 5280 itself made the 'positive' requirement. https://tools.ietf.org/html/rfc5280#section-4.1.2.2 _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy