[SSL Observatory] Another Comodo Blog Post
Steve Schultze
sjs at princeton.edu
Fri Mar 25 19:08:02 PDT 2011
PHB has another one:
http://blogs.comodo.com/it-security/data-security/the-changing-threat-model/
Also, Robin Alden has said he will follow up on the m.d.s.p list on monday:
http://groups.google.com/group/mozilla.dev.security.policy/browse_thread/thread/ce02a61ce4c8c67f#1df2644abf1d52fc
Robin was the one that said the following more than a year ago:
"We do still have a subset of our sales partners who are able to act as RAs, but since this debacle over CertStar we have retrofitted our own DV process into the RA's ordering process in the vast majority of cases. By 'our own DV process', I mean that Comodo performs an automated check of domain control by sending (and confirming receipt of) an email to an address which is either on the domain to be validated or is explicitly mentioned in the WHOIS entry for the domain to be validated."
https://bugzilla.mozilla.org/show_bug.cgi?id=470897#c68
More information about the Observatory
mailing list