On 3/5/09 15:43, Eddy Nigg wrote:
On 05/03/2009 10:06 AM, Ian G:
(2), there exists a standard need in audits to discuss disaster
recovery. Curiously, this does not appear to be documented anywhere,
draw your own speculations
It's usually addressed in internal CA documentations and audited
On 3/5/09 15:32, Ben Bucksch wrote:
On 03.05.2009 09:06, Ian G wrote:
(5) possibly as consequence of all the above, it can be claimed that
it is an empty threat, and no more than a security/marketing tool for
PKI people.
Consequently, we need to either:
* Make that threat not empty
This is
Ben Bucksch wrote:
> FWIW, I have removed Comodo from my browser's roots, and I have
> encountered only 2 sites recently which used it, despite going to quite
> some online shopping sites (SSL part).
So did I and I did not encounter any sites I accessed since then being
affected by this.
Ciao, Mi
On 05/03/2009 10:06 AM, Ian G:
(2), there exists a standard need in audits to discuss disaster
recovery. Curiously, this does not appear to be documented anywhere,
draw your own speculations
It's usually addressed in internal CA documentations and audited
accordingly. Disaster recovery
On 03.05.2009 09:06, Ian G wrote:
(5) possibly as consequence of all the above, it can be claimed that
it is an empty threat, and no more than a security/marketing tool for
PKI people.
Consequently, we need to either:
* Make that threat not empty
* Create other ways to make CAs behave when the
On 2/5/09 17:50, Paul Hoffman wrote:
Peter Gutmann asked on a different mailing list:
Subject says it all, does anyone know of a public, commercial CA (meaning one
baked into a browser or the OS, including any sub-CA's hanging off the roots)
ever having their certificate revoked? An ongoing pr
6 matches
Mail list logo
