[SSL Observatory] Debate about implications of Observatory data
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sun Apr 10 05:18:52 PDT 2011
Seth David Schoen <schoen at eff.org> writes:
>See this message and its (currently) two followups:
He's splitting hairs. A Comodo RA could, until recently, request the CA to
issue any certificate it wanted. RAs can't sign certs, but they control a CA
that can, and that CA will sign a cert in anyone's name. It's like the red-
herring claim that "Our private key wasn't compromised", a CA can put up a
public web page through which anyone can request any cert in any name, but
still claim that their private key wasn't compromised.
Peter.
More information about the Observatory
mailing list