El miércoles, 20 de enero de 2021 a las 2:07:31 UTC+1, Paul Kehrer escribió: > On Tue, Jan 19, 2021 at 6:37 PM Jonathan Rudenberg via > dev-security-policy <dev-secur...@lists.mozilla.org> wrote: > > > > On Tue, Jan 19, 2021, at 12:01, Andrew Ayer via dev-security-policy wrote: > > > Camerfirma was warned in 2018 that trust in their CA was in jeopardy, > > > yet compliance problems continued. There is no reason to believe > > > Camerfirma will improve, and there are many indications that they won't. > > > Mozilla's users deserve CAs that take security more seriously than this. > > > It's time to take action to protect Mozilla's users by distrusting > > > Camerfirma. > > > > I strongly agree. The consistent pattern of documented failures and > > insufficient remediation is deeply problematic, and reflects a level of > > danger to Mozilla users that can only be mitigated by distrusting the CA. > > > > Jonathan > I also agree with this sentiment. Camerafirma's extensively documented > issues (https://wiki.mozilla.org/CA:Camerfirma_Issues) and the > responses in this thread reveal a CA which cannot responsibly handle > the burden of being a publicly trusted authority. > > -Paul
Hello Paul, Jonathan I am sorry that you have this feeling. I would like to know what comments in this discussion reveal that we cannot take responsibility for the burden of running a CA. I would be happy to give you more detailed information to clarify your doubts. We see that in some answers we have not been understood or we have no be enough clear. KR Ramiro _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
