<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Apr 26, 2017 at 8:58 PM, Kirk Hall <span dir="ltr"><<a href="mailto:Kirk.Hall@entrustdatacard.com" target="_blank">Kirk.Hall@entrustdatacard.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div lang="EN-US">
<div class="gmail-m_-7792700558876072857WordSection1">
<p class="MsoNormal"><span style="font-size:11pt;font-family:calibri,sans-serif;color:rgb(31,73,125)">Exactly, Geoff – that was my thinking.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:calibri,sans-serif;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:calibri,sans-serif;color:rgb(31,73,125)">Ryan, no I wasn’t out of the room when you and Gerv were speaking (why would you ask something like that?),</span></p></div></div></blockquote><div><br></div><div><div>Hi Kirk,</div><div><br></div><div>I didn't ask if you were, I mentioned that you were out, for part of the discussion. I mentioned this because you requested that I explain the motivation, but we did this at great length at the F2F, at least part of which you were out of the room.</div><div> </div></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div lang="EN-US"><div class="gmail-m_-7792700558876072857WordSection1"><p class="MsoNormal"><span style="font-size:11pt;font-family:calibri,sans-serif;color:rgb(31,73,125)"> and I’m aware that a particular non-US DTP made mistakes
in domain verification (and apparently its audit was not sufficient). But failure of one DTP and one audit does not mean that all DTPs and all audits have failed, and if I understand correctly, Google and Mozilla are holding the CA that used the DTP responsible
for the problems. So I’m not sure why that isn’t sufficient. </span></p></div></div></blockquote><div><br></div><div>Unfortunately, I'm afraid you don't understand correctly. However, I don't want that to cause us to rathole on the "why", when we can spend our time so much more productively discussing the "How".</div><div><br></div><div>I'm hoping that, in the spirit of making meaningful substantive contributions, that we can assume, for sake of discussion, that neither Gerv and I are mistating the difficulty - that it is difficult, and that it won't happen in a timely fashion to the security concerns, and that the present process has a number of deficiencies - do you believe this ballot would cause any harm to Entrust's operations that we should be aware of? Do you believe this would present difficulty to adopt?</div><div><br></div><div>If so, that's useful and constructive feedback.</div><div>If not, that's also useful and constructive feedback.</div><div><br></div><div>By focusing on the impact to Entrust, and Entrust only, it allows us to have a productive and thoughtful exchange of ideas, rather than worrying about hypotheticals that might affect non-participant CAs that may, or may not, exist.</div></div></div></div>