On Thu, Jun 5, 2025 at 4:25 PM Jeremy Rowley <[email protected]> wrote:
> They don't, but what is the incentive of the CA to give the relying party > more protection while risking revocation if someone writes the information > incorrectly. > There's a small part of me, even after all these years, that believes that the whole point of being a CA is to help secure the web for its users. If that's not a shared motivation, then our only option is the force of the BRs and root programs, and we should stop negotiating entirely with misaligned members of the ecosystem. Mike -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CADQzZqt9%3DfAdtmyas71%3DtmLOMRgbu%3DFOnAhg78g3%3DYTsKw8Uug%40mail.gmail.com.
