On 03/07/2020 12:24, Ryan Sleevi via dev-security-policy wrote: <snip>
The key destruction is the only way I can see being able to provide some assurance that “things won’t go wrong, because it’s impossible for them to go wrong, here’s the proof”
Ryan, distrusting the root(s) would be another way to provide this assurance (for up-to-date clients anyway), although I'd be surprised if any of the affected CAs would prefer to go that route!
-- Rob Stradling Senior Research & Development Scientist Sectigo Limited _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy