Even if we stipulated that all those accounts were fully accurate, all those reports are about a separate business that happens to be owned by the same owner.
Furthermore, in as far as none of those directly speak to their ability to own or manage a publicly trusted CA, I would regard those issues as immaterial. Perhaps they also indiscriminately kill puppies? That would be awful. Still, I do not see how that would be disqualifying. On Wed, Jul 10, 2019 at 2:45 AM Nex via dev-security-policy < [email protected]> wrote: > I think that dismissing as baseless investigations from 9 different > reporters, on 3 different newspapers (add one more, FP, if consider > this[1]) is misleading. Additionally, it is just false to say all the > articles only relied on anonymous sources (of which they have many, by > the way), but there are clearly sources on record as well, such as > Simone Margaritelli and Jonathan Cole for The Intercept, and Lori Stroud > for Reuters. > > While obviously there is no scientific metric for this, I do think the > number of sources (anonymous and not) and the variety of reporters and > of newspapers (with their respective editors and verification processes) > do qualify the reporting as "credible" and "extensively sourced". > > Additionally, details provided by sources on record directly matched > attacks documented by technical researchers. For example, Lori Stroud > talking details over the targeting of Donaghy, which was also proven in > Citizen Lab's "Stealth Falcon" report. Lastly, Reuters reporters make > repeated mentions of documents they had been able to review supporting > the claims of their sources. Unless you have good reasons to believe > reporters are just lying out of their teeth, I don't see how all of this > can't be considered credible. > > _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
