Sorry - that was a cynical view. I do think CAs are trying to secure the web for users for sure, but I think a lot of CAs would argue that their particular mass revocation didn't help that cause :)
On Thu, Jun 5, 2025 at 2:28 PM Mike Shaver <[email protected]> wrote: > On Thu, Jun 5, 2025 at 4:25 PM Jeremy Rowley <[email protected]> wrote: > >> They don't, but what is the incentive of the CA to give the relying party >> more protection while risking revocation if someone writes the information >> incorrectly. >> > > There's a small part of me, even after all these years, that believes that > the whole point of being a CA is to help secure the web for its users. If > that's not a shared motivation, then our only option is the force of the > BRs and root programs, and we should stop negotiating entirely with > misaligned members of the ecosystem. > > Mike > > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAFK%3DoS-dfX5N28PQ1YxMbCX%2B-JHj1sTjh27BjawiyBNCje5kCA%40mail.gmail.com.
