Re: Public Discussion re: Inclusion of the ANF Secure Server Root CA

2021-03-12 Thread Pablo Díaz via dev-security-policy
Hello Andrew, I am very aware that in the past the CA has made errors and misissuances, I fully understand the context and the seriousness of the matter. As a CA we understand that it makes no sense to rely on "nothing serious ever happened", and the correct thing is to assume the importance of

Re: Public Discussion re: Inclusion of the ANF Secure Server Root CA

2021-03-17 Thread Pablo Díaz via dev-security-policy
> - Sending a link that must be accessed to approved is known-insecure, as
> automated mail scanning software may automatically dereference links in
> e-mail (in order to do content inspection). Confirm/Reject buttons alone
> shouldn't be seen as sufficient to mitigate this, as that may vary

Re: Public Discussion re: Inclusion of the ANF Secure Server Root CA

2021-03-16 Thread Pablo Díaz via dev-security-policy
> The reason we reject human error as a root cause, which you don't seem
> to understand because you mention the engineers, is that failures are
> NOT the fault of humans who make mistakes. They're the fault of the
> system which failed to prevent the mistakes.
> The mention of the engineers,