On Sat, Nov 14, 2020 at 6:05 PM Peter Bowen wrote:
> On Sat, Nov 14, 2020 at 2:05 PM Ryan Sleevi via dev-security-policy
> wrote:
> >
> > So, perhaps now that we've had this conversation, and you've learned
> about
> > potentially illegitimate revocations are a thing, but that they were not
> >
On Fri, 13 Nov 2020 21:06:30 -0500
Ryan Sleevi via dev-security-policy
wrote:
> Right, I can see by my failing to explicitly state you were
> misunderstanding my position in both parts of your previous mail, you
> may have believed you correctly understood it, and not picked up on
> all of my
On Sat, Nov 14, 2020 at 4:42 PM Nick Lamb wrote:
> To the extent your preferred policy is actually even about issue #205
> (see later) it's not really addressing the actual problem we have,
> whereas the original proposed language does that.
>
I don't entirely appreciate being told that I don't
On Sat, Nov 14, 2020 at 09:42:48PM +, Nick Lamb via dev-security-policy
wrote:
> This boilerplate does not actually achieve any of those things, and
> you've offered no evidence that it could do so. If anything it
> encourages CAs *not* to actually offer what we wanted: a clearly
> documented
On Sat, 14 Nov 2020 17:05:26 -0500
Ryan Sleevi wrote:
> I don't entirely appreciate being told that I don't know what I'm
> talking about, which is how this reply comes across, but as I've
> stated several times, the _original_ language is sufficient here,
> it's the modified language that's
On 11/13/20 1:43 PM, Ryan Sleevi wrote:
In this regard, the principles from Mozilla's 1.0 Certificate Policy
provide a small minimum, along with some of the language from, say, the
FPKI, regarding technical competencies. The basis here is simply for the
auditor to *disclose* why they believe
6 matches
Mail list logo