On 29/1/09 12:53, Ben Bucksch wrote:
On 27.01.2009 05:20, Gervase Markham wrote:
https://bugzilla.mozilla.org/show_bug.cgi?id=475473
filed to create mozilla.dev.security.policy....
(Only caveat: phishing doesn't really belong in either group. It's
usually handled in security, although it's about communication.)
Crypto is generating a lot of discussion, but I personally think that
security should not be deluded by the many crypto discussions.
Common bug in security :)
So, I propose both a m.d.crypto.policy and a m.d.security.policy. CA
policy would be discussed in m.d.crypto.policy.
I would disagree. CA policy has relatively little to do with crypto.
The CA isn't crypto, it's a bit that was added into the wider security
system to fix a shortfall in the protocol.
I would stick with the original suggestion of dev-security-policy.
One thing we should avoid is overstressing the value of taxonomies, as
any tree structured system is always bound to muck complex areas up,
especially areas that integrate a lot of different disciplines.
Instead, we should concentrate on what is written in the list charter
text that is sent to the new subscribers.
iang
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
