[SSL Observatory] Mozilla survey complete?
Johnathan Nightingale
johnath at mozilla.com
Mon Sep 19 13:39:02 PDT 2011
On 2011-09-19, at 11:23 AM, Jacob Appelbaum wrote:
> On 09/19/2011 04:53 PM, Johnathan Nightingale wrote:
>> On 2011-09-19, at 10:50 AM, Gervase Markham wrote:
>>
>>> On 17/09/11 13:39, Larry Seltzer wrote:
>>>> The deadline for Mozilla's survey of CAs is over. I know I want
>>>> to know the results and who didn't get their results in on time
>>>> and what the consequences of that will be.
>>>
>>> All but one CA emailed has responded; we are chasing that CA to see
>>> if the message got caught in their spam filters.
>>>
>>> We have no plans to publish the data gathered.
>>
>>
>> (To clarify, lest we spin a whole thread ranting about disclosure and
>> transparency, Gerv means precisely what he says: we have no plans. We
>> may well talk about the response we've seen from the CAs, perhaps in
>> generalities, perhaps in particulars where appropriate. We have not
>> made plans on the subject as of yet.)
>
> What is the appropriate forum for the greater community to participate
> in these discussions?
Yeah - that's a fair question. mozilla.dev.security.policy is the obvious place, though it tends to be rather more decentralized, with people blogging, commenting, discussing in IRC, tweeting, &c. Maybe I should say that mozilla.dev.security.policy is the canonical place.
J
---
Johnathan Nightingale
Director of Firefox Engineering
johnath at mozilla.com
More information about the Observatory
mailing list