[cabfpub] SHA1 options for payment processors

[Gervase Markham]

Mozilla agrees with Ryan that it is not acceptable for us to produce
some generic solution such that CAs can go away and start re-issuing
SHA-1 certs at will for their customers.

We feel that any company coming forward to ask for an exception should
request it on its own merits. And so in order to discuss this further,
we need such a company to come forward (as WorldPay did) so the problem
can be discussed in concrete terms.

Gerv