Re: Policy Update Proposal -- Remove Email Trust Bit

Here's where I stand on this... - I think it would be premature to remove the Email trust bit at this point in time. - I cannot spend any more time on the Email trust bit than I currently do. - I think we should postpone (to a future version of the policy) splitting the S/MIME policy into a

Re: Policy Update Proposal -- Remove Email Trust Bit

On Tue, Oct 13, 2015 at 5:04 AM, Kathleen Wilson wrote: > I believe that such a resource commitment would satisfy all of the > arguments against the Email trust bit that Ryan so eloquently summarized. > [3] > > Is this a fair assessment? > > Is there anything else that

Policy Update Proposal -- Remove Email Trust Bit

All, Many people have contacted me because they heard that Mozilla is considering removing the Email trust bit, and they ask that we keep the Email trust bit because they use the root certs in Mozilla's root store (NSS) with the Email trust bit enabled in current and future

Re: Policy Update Proposal -- Remove Email Trust Bit

Great job description, Kathleen, and thanks for working toward keeping this technical capability available. I have some questions about the financial aspects of this, or if there is a better place to discuss this issue please redirect me. Obviously have a "resource" implies that there is

Re: Policy Update Proposal -- Remove Email Trust Bit

On 13/10/15 19:39, R Kent James wrote: > Obviously have a "resource" implies that there is funding needed to > support this. My understanding is that in many cases, there is a cost to > certificate providers to have their certificates included in a root > store, that is applied to the expense of

Re: Policy Update Proposal -- Remove Email Trust Bit

On 10/13/2015 8:04 AM, Kathleen Wilson wrote: > All, > > Many people have contacted me because they heard that Mozilla is > considering removing the Email trust bit, and they ask that we keep the > Email trust bit because they use the root certs in Mozilla's root store > (NSS) with the Email

Re: [FORGED] Re: Policy Update Proposal -- Remove Email Trust Bit

On Fri, Sep 25, 2015 at 8:47 AM, Peter Gutmann wrote: > Eric Mill writes: > > >can anyone lay out what the steps to doing that would look like so the > S/MIME > >community can react in more concrete ways? > > Well, first you'll have to tell the

Re: Policy Update Proposal -- Remove Email Trust Bit

On 9/25/2015 7:48 AM, Phillip Hallam-Baker wrote: Would people be interested in the suggestion I have? If we are going to get anywhere with end to end secure email, we need to ... Phillip, if you want to talk about issues in Thunderbird, you really need to post to the tb-planning list, not

RE: [FORGED] Re: Policy Update Proposal -- Remove Email Trust Bit

Eric Mill writes: >can anyone lay out what the steps to doing that would look like so the S/MIME >community can react in more concrete ways? Well, first you'll have to tell the S/MIME community what it is you want them to do... Peter.

Re: Policy Update Proposal -- Remove Email Trust Bit

Yes, I think it should be kept. If some CA don't like this bit, then don't apply it, so simple. No necessary to remove it in NSS. Regards, Richard > On Sep 23, 2015, at 21:34, Adriano Santoni > wrote: > > There's one thing that I still do not understand. > >

Re: Policy Update Proposal -- Remove Email Trust Bit

+100, should keep. Regards, Richard > On Sep 23, 2015, at 06:12, Kathleen Wilson wrote: > > On 9/22/15 9:29 AM, Kathleen Wilson wrote: >>> >>> First, we need to determine if the Email trust bit should remain part of >>> Mozilla's CA Certificate Policy. >> >> To be

Re: Policy Update Proposal -- Remove Email Trust Bit

On 23/9/2015 3:46 πμ, Ryan Sleevi wrote: On Tue, September 22, 2015 3:13 pm, Kathleen Wilson wrote: == Arguments against removing the Email trust bit == Based on the information I currently have, and the discussion so far, I think we should keep the Email trust bit. For a future

Re: Policy Update Proposal -- Remove Email Trust Bit

If this is a wakeup call to the S/MIME community that they need to demonstrate enough organization and interest to create the same level of reliability that browsers did for HTTPS, can anyone lay out what the steps to doing that would look like so the S/MIME community can react in more concrete

Re: Policy Update Proposal -- Remove Email Trust Bit

On 9/21/15 7:07 PM, Kathleen Wilson wrote: In https://wiki.mozilla.org/CA:CertificatePolicyV2.3 The proposal is: (D27) Clarify which audit criteria are required depending on which trust bits are set. In particular, root certs with only the S/MIME trust bit set will have different audit

Re: Policy Update Proposal -- Remove Email Trust Bit

On 9/22/15 9:29 AM, Kathleen Wilson wrote: First, we need to determine if the Email trust bit should remain part of Mozilla's CA Certificate Policy. To be clear, IF this proposal to remove the Email trust bit from Mozilla's CA Certificate Policy is approved, then it would follow that the