On Wednesday, November 2, 2016 at 11:42:00 PM UTC+1, Kristian Fiskerstrand 
wrote:
> On 11/02/2016 11:38 PM, Peter Kurrasch wrote:
> > This raises an interesting point and I'd be interested in any comments
> > ‎that Comodo or other CA's might have.
> > 
> 
> It really seems like a matter of discussion for the terms of agreement
> and interaction between the user and service provider, and not a CA matter.
> 

This is true in general. But when the used practice of validating a domain is
possible against the will and knowledge of the domain owner, ... I guess that
puts the CA in trouble at some point as well. Even if it is only in form of a
loss of trust.

> 
> -- 
> ----------------------------
> Kristian Fiskerstrand
> Blog: https://blog.sumptuouscapital.com
> Twitter: @krifisk
> ----------------------------
> Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
> fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
> ----------------------------
> Aurum est Potestas
> Gold is power
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to