On 4/1/09 21:32, Paul Hoffman wrote:
I propose that Mozilla form a new mailing list, dev-policy-trustanchors. The
topics for that list would include:
- All new trust anchors being added to the Mozilla trust anchor pile
- Proposals for changes to the Mozilla trust anchor policy
- Complaints about particular participants in the current trust anchor pile
- Discussion of the UI aspects of the PKI in various Mozilla software
I agree in principle. I would suggest "policy-ca" or "ca-policy" being
anything in or around the CA policy, as that is the name of the thing.
Comments:
1. I don't think the discussions here are anything to do with dev.
2. trustanchors seems a too precise term, and I would prefer to see
it dropped (for liability reasons).
3. I would love to see real discussion of the UI aspects. I have no
idea how to talk to those people, they should be here.
4. This topic is also about legal relationships. Calling it "policy"
tends to sweep the liabilities under the carpet.
Topics that would still be germane for dev-tech-crypto would include
- Questions on how to add or remove trust anchors from various Mozilla software
(without any discussion of why someone wants to do it)
- Discussion of how to implement alternate UI schemes for PKI (that is, what
hooks are available in NSS for detecting positive and negative results)
Agreed. It would be nice if we could do that.
All of Eddy's recent threads (being slimed by a Comodo reseller, finding a
reseller that doesn't do domain validation, advertising that he had a domain
validation bug but fixed it) would all be appropriate on the new list.
The current list is way too unfocused. People asking actual tech questions get
drowned out by threads that have literally nothing to do with crypto but
everything to do with policy.
Thoughts?
Absolutely, +1.
iang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
