On Wed, Mar 13, 2019 at 6:09 PM Peter Gutmann via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> Richard Moore via dev-security-policy < > dev-security-policy@lists.mozilla.org> writes: > > >If any other CA wants to check theirs before someone else does, then now > is > >surely the time to speak up. > > I'd already asked previously whether any CA wanted to indicate publicly > that > they were compliant with BR 7.1, which zero CAs responded to (I counted > them > twice). This means either there are very few CAs bothering with > dev-security- > policy, or they're all hunkering down and hoping it'll blow over, which > given > that they're going to be forced to potentially carry out mass revocations > would be the game-theoretically sensible approach to take: To be fair, this is not an either/or proposition. The third option is that they could be ignoring you specifically, which may not be an unreasonable position, game-theoretically speaking of course. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
