On Sat, Jan 5, 2013 at 3:26 PM, Ryan Hurst <ryan.hu...@globalsign.com> wrote: > Ian, I do agree with you that the dynamic configurations of them firewall is > the most suspect part of the story. > > I'm inclined to give them the benefit of the doubt based on my experience > managing some UI related efforts inside of Windows -- aka today modern > software makes an effort to intuit user intent based off of action. > I think we need a screen shot of the UI in question. I have not managed a Checkpoint firewall in years, but I have my suspicions. That might offer something fairly conclusive about the willfulness of the end customer.
TurkTrust likely sold the certificates in pursuit of profits. I don't think there's any doubt about that. Are they not responsible for their actions (even if it was a mistake in hindsight)? OT: what are folks going to do when a data breach occurs in someone else's cloud provider and your PII/SSN goes flying out the window. Worse, bury it in layers of corporate indirection so its nearly impossible to be made whole. Are folks going to give those negligent the benefit of the doubt and say its OK? Jeff _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography