On 12/28/2008 04:24 PM, Ian G:
1. Certs: All end-users who rely on these certs will lose. That probably
numbers in the millions. All subscribers will lose, probably in the
thousands. The CA will lose; potentially it will lose its revenue
stream, or have it sliced in half (say), which is what we would call in
business circles a plausible bankrupcy event.
Not relevant.
Well! If they are not relevant, then perhaps we can turn SSL off, with
no consequences?
I was clearly replying to the later part:
The CA will lose; potentially it will lose its revenue stream, or have
it sliced in half (say), which is what we would call in business circles
a plausible bankrupcy event.
It's not relevant.
No, I'm afraid there is an agreement to list the root, under a policy.
Once listed, Mozilla has to operate according to its side of the bargain.
Apparently you are reading something I haven't.
The problem being, that even if it reserves the right to make a choice
for any reason, this does not give Mozilla carte blanche.
Mozilla can make a bad decision, no doubt. This case is most likely not
one of those you are referring to.
Please read it carefully. a root being dropped by a BAD decision.
A root isn't removed before careful considerations. A bad decision
doesn't warrant not to remove any roots at all if necessary. Mozilla can
also reinstate a root.
They stated how many, IIRC. I recall it was something like 111 certs
issued and 11 outstanding that had not been re-verified within around 48
hours (these numbers are not accurate, but indicative) and were
therefore revoked.
That's for the specific certstar case. Domain validation isn't performed
by Comodo on a wide scale apparently and perhaps no validation is
performed at all.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
