 danny9Go Ahead, Make My DayPremium
join:2002-07-14
Clinton Township, MI
kudos:2 | reply to hayc59
Re: Comodo continues to issue certificates to known Malware Do you know if Comodo is the only one doing this or if it is a common practice among other vendors?
Just curious.
--
VoicePulse 07/29/04 |
|
|
|
| Other SSL Cert providers are doing the same thing. The issue is that Comodo also has a security product software line where the other cert providers don't.
--
Team Discovery Project Hope |
|
 coldmoonPremium
join:2002-02-04
Broadway, NC
 ·Windstream
| said by ColdinCbus:Other SSL Cert providers are doing the same thing. The issue is that Comodo also has a security product software line where the other cert providers don't. This complicates things I am sure, but does not always mean that the commercial services "division" is set up to support or coordinate with the PC security side of things. While on a personal note I would suggest strongly that this should be tighter, there is no obligation on the part of a company to follow a specific business or operational model.
The litmus test here is what the competition will do and whether taking an opposing approach to the current models will result in:
1. Greater market share
2. A realignment of the certificate industry that focuses on real security
What is important now is that this is being debated and exposed to a wider audience. At the very least it should give competitors something to think about...
JMHO
Mike
--
Returnil - 21st Century body armor for your PC |
|
1 edit | I totally agree with you. What I would like to see is that Comodo, at least, run the process through a database of rouge domains and IP addresses (I am pretty sure they are plugged into the same matrix we are if not even deeper in so they should have access to a pretty healthy list). That should flag some of the certificates for manual review. IT would be a step in the right direction for "Creating Trust Online".
--
Team Discovery Project Hope |
|
