Re: DarkMatter Concerns

[cwbussard--- via dev-security-policy]

This seems like an absolute no-brainer to me. DarkMatter's past behavior and 
line of business are fundamentally incompatible with the level of trust reposed 
in CA's. This is not even a close call. I believe Mozilla should:
1. Deny the root inclusion request;
2. Add the intermediate CA certificates that were signed by QuoVadis to OneCRL; 
and
3. Demand an explanation from DigiCert as to why the intermediate CA 
certificates were issued in the first place and why they remain unrevoked.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy