On Thu, Aug 13, 2020 at 7:20 PM Paul Walsh via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > > "Every domain should be allowed to have a certificate ***regardless of > intent***.” > > They are the most outrageously irresponsible words that I’ve heard in my > career on the web since 1996 when I was at AOL, and sadly, I’ve heard them > more than once. I just can’t get my head around it. To me, those words are > akin to someone saying that masks, Bill Gates, 5G and vaccinations are all > dangerous - totally stupid and not in the best interest of society.
So in your opinion, what is wrong with every domain being allowed to have a certificate? What are your opinions on every domain being allowed TCP connections, IP addresses, its domain itself, and electricity? Is the certificate somehow standing out in your opinion? Why should it? If it was so easy for CAs to detect problematic domains, why isn't it for the domain registries/registrars? Why isn't the domain itself the problem but somehow the certificate is? Tobi _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy