On 12/29/2008 3:47 AM Kyle Hamilton cranked up the brainbox and said: > And since the number one reason for having a CA in the root list is > for Mozilla-software user security, how do you arrive at "punish [...] > millions of users"?
If all of Comodo's certs cease to be trusted, millions of web surfers will see errors on potentially thousands of sites. > This leads me to believe that there are three possibilities: > 1) You have communication from Robin about the number of certificates > that Comodo has issued that the rest of us are not privy to, OR > 2) You have some way of knowing what CAs are in use by the servers > that users of the Mozilla applications use (which concept rather > scares me, since it hasn't been disclosed as part of the software > operations), OR The fact you think these are even reasonably conclusions tells me a lot about your reasoning skills. > 3) You're pulling numbers out of thin air. Indeed, I am, as an educated guess. Comodo is a root CA. You don't get root status by having a handful of customers. It's hard business to break into, and Comodo has been around a while. I find it hard to believe a company of their size and age has any fewer than ten thousand certs out there, and that's a lowball guess. There are many hundreds of millions of web users, and millions of websites. Do you really find it hard to believe at least 1% of those secure sites might be using a Comodo cert? -- Grey Hodge email [ grey @ burntelectrons.org ] web [ http://burntelectrons.org ] tag [ Don't touch that! You might mutate your fingers! ] motto [ Make everything as simple as possible, but no simpler. - Einstein ] _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
