Eddy Nigg wrote: > On 01/04/2009 10:20 AM, Eddy Nigg: >> On 01/04/2009 04:48 AM, Ian G: >>> On the punishment side, about all we have is "drop the root!" which I >>> earlier described as a blunt weapon. Are we being sensible when we now >>> have to "drop the root" for the three CAs who have reported problems? > > Oh btw. where do you see three roots to drop?
The three CAs who have recently issued certs to unauthorized parties are RapidSSL (md5 hack), Certstar/Comodo, and StartCom. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
