Gervase Markham wrote: > We (Mozilla) would expect Comodo to be issuing certificates under any > root it owns, whether the name on the root is its own or another's, > in compliance with the Mozilla CA policy and the audits it has > passed. > [..] > There are root certificates in the store which bear the names of > companies which have not existed for quite some time. We know about > this. Knowing about it is not a function of audit frequency.
Disclaimer: I'm no lawyer. But different national laws might apply here. Here in Germany we have some obligations for commercial web sites to really show correct names (of natural or legal persons) and full postal address so that anybody who wants to take the web site owner to court can do so. It's called "Impressumspflicht" and it already caused lots of litigation cases. In this spirit I'm not sure whether there aren't any legal problems with root CA certs containing issuer names which are not a valid name of a natural or legal person anymore. Even though such a name mismatch is not primarily caused by Mozilla the project could be taken to court because of publishing this false information as "trusted". Ask your lawyers... Ciao, Michael. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
