On 12/29/2008 10:23 PM, Grey Hodge:
Indeed, I am, as an educated guess. Comodo is a root CA. You don't get root status by having a handful of customers.
The amount of customers never was a known criteria of CAs business practices ever.
It's hard business to break into, and Comodo has been around a while. I find it hard to believe a company of their size and age has any fewer than ten thousand certs out there, and that's a lowball guess. There are many hundreds of millions of web users, and millions of websites.
Isn't the responsibility of a CA this size much greater and breach of trust going to affect many? Is a breach of trust justified and acceptable because of the size of a CA or shouldn't that CA provide extra care?
(For your knowledge, Netcraft confirms these days about one million secured web sites altogether, 10-15 percent belonging to Comodo I think, which is of course still a lot. But it's not millions of web sites. Additionally Comodo has many different roots and as I understood from Kyle, he suggested to look at the affected ones.)
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
