Paul Hoffman wrote, On 2009-01-04 12:32:
> I propose that Mozilla form a new mailing list, dev-policy-trustanchors.
> The current list is way too unfocused. People asking actual tech
> questions get drowned out by threads that have literally nothing to do
> with crypto but everything to do with policy.
>
> Thoughts?
Did you mean to start a new thread? Doing so requires more than merely
changing the subject. You must post a message that is not a reply to do so.
1. In my view, there are 3 broad categories of discussion that go on in
this list. They are (in no particular order):
a) technical discussion about NSS, JSS and PSM code and protocols
(primarily of interest to developers, IMO)
b) root CA certs and related policy
c) UI/GUI ("ooey gooey" :) for crypto and certs in Mozilla products.
One of those clearly belongs in Mozilla's "developer technology"
hierarchy. It's less clear that the other two belong there.
2. As moderator of the dev-tech-crypto mailing list, I receive an email
each and every time someone subscribes or unsubscribes. Every month the
list receives a certain number of subscriptions and unsubscriptions,
with the result that the list has steadily grown at a rate of 1-3 a month
for a long time. When the volume of non-developer discussions greatly
increased (approximately in September or October), we saw an increase in
the number of monthly unsubscriptions. It reached (and briefly surpassed)
the rate of subscriptions. But the number of subscriptions rose again in
November, and since December 21, it has suddenly jumped up.
I think those observations suggest that the discussion of non-developer
topics such as root certs and browser UI has increased the level of
participation (even if mostly passive) in the subject of cryptographic
security in Mozilla products, which is good, but that has come at a cost
to the level of participation by those who were primarily interested in
developer topics.
I think both groups (developers and non-developers) might be better
served by separating the discussions into separate lists. But developers
may be very interested in both classes of topics and may not wish to
subscribe to yet another list to follow both.
3. I wonder if the non-developer topics are already within the scope of
another extant low-traffic list, namely dev-security (a.k.a.
mozilla.dev.security), except that I think the new list does not belong
in the "dev" hierarchy.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
