On Dec 27, 1:22 am, "David E. Ross" <nob...@nowhere.not> wrote:
> I have a problem with this response. The message that Eddy quoted > appears to be a "canned" message (equivalent to a form letter). This > was put into use without proper quality assurance (QA). The whole issue > under discussion reflects a general disregard for QA, with this message > merely another example. This is just sales. A sales agent sees that a certificate order has not been completed and follows up with the customer. Maybe he/she have questions that needs to be resolved. Customer will still need to go through normal DV verification. > I find these failures of Certstar's QA processes alarming when you > consider the purpose of certificates. That is, if you can't get a > simple canned message correct and allow several certificates to be > signed without verifying that the subscriber is authorized, what else is > amiss in your QA department? A mistake did happen (we are sorry) but actions have been taken to prevent it reoccuring. You will not see verification problems from Certstar again. Our CA has (rightfully) putted us in the heat for this mistake. -- kind regards, Patricia, Certstar ApS _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
