Hello, The following screenshot is from Comodo's forums. Either their forums have been breached and the account of the CEO is being misused, or this is an actual post from their CEO.
https://imgur.com/7MfFBar Comodo's CEO seems to be claiming that they created the Let's Encrypt brand and that it is ISRG that is misusing the trademark. From my knowledge of the facts, I would be extremely surprised if that is actually true. The root inclusion guidelines are designed to ensure that only honest and trustworthy organizations are included as CAs, and that they follow prudent practices for assessing the identity of their subscribers. Accurate assessment of who is entitled to trade under what name is a core comptency of a CA. Failure to make this assessment correctly makes them unfit to issue EV certificates, and possibly other certificate types too. One of either Comodo or ISRG seem to be conducting a phishing attack on the other, and are using the legal system to make the attack even more effective. I urge the community to examine if one of these companies has violated our standards for inclusion. If it is ISRG, we should deny their request for inclusion. If it is Comodo, we should remove their root from the trust list and/or remove the EV trust bits. John _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
