All, As per Mozilla's root inclusion process I need to make a decision about approving or denying this root inclusion request from the Beijing CA.
In my opinion, the Beijing CA has successfully completed our root inclusion process and demonstrated compliance with all of our rules and policies. Therefore, my inclination is to approve this request. There has been one item holding up my approval, which is the concerns raised by contributors to this forum that the One Pass software might be malware. I have been unable to find evidence to convince myself that the One Pass software is malware, so I would like to ask those of you who have raised such concerns... Is there something specifically that you have observed that One Pass does that disrupts or damages the user's system or gains unauthorized access? If I continue to be unable to obtain reasonable suspicion <https://www.merriam-webster.com/legal/reasonable%20suspicion> that One Pass is malware, then I will proceed with approving this CA's root inclusion request this week. Thanks, Kathleen -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/a703dcde-67e5-4fc0-b036-1be8fa01038dn%40mozilla.org.
