On 27.01.2009 05:20, Gervase Markham wrote:
https://bugzilla.mozilla.org/show_bug.cgi?id=475473
filed to create mozilla.dev.security.policy. And please let's not have a
bikeshed discussion about the name.
Sorry to do just that, but I think it's more than bikeshed:
I do not think that CA policy discussion belongs in .security (or
anything near it). I think that crypto and security are two distinct
things: crypto protects communication, while security protects my
systems. Crypto is about SSL, S/MIME. Security is about bugs/holes and
application update.
(Only caveat: phishing doesn't really belong in either group. It's
usually handled in security, although it's about communication.)
Crypto is generating a lot of discussion, but I personally think that
security should not be deluded by the many crypto discussions.
So, I propose both a m.d.crypto.policy and a m.d.security.policy. CA
policy would be discussed in m.d.crypto.policy.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
