sayrer wrote: > The truth is that we are basically unable to act without a lot of > collateral damage. We should keep this in mind with future security > technology. Relying on companies willing to take money for doing > absolutely nothing (not even the bare minimum they agreed to) is not a > pleasant thing to do to our users. We didn't learn this lesson with > EV--maybe next time! :)
One of the points of EV was to allow us to act against a CA without massive collateral damage. We can remove EV status from a root without disabling the root entirely. Gerv _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
