On Mon, Feb 3, 2025 at 10:12 AM Bastian Blank <[email protected]> wrote:
> On Mon, Feb 03, 2025 at 12:17:27AM -0800, 'Nick France' via > [email protected] wrote: > > Sectigo has nothing to do with the brand or assets of Entrust. They > remain > > with Entrust and were not part of this acquisition, as previously stated. > > However you clearly re-use some of the systems. From the Sectigo page, > it is clear that the Entrust management frontend is still in use: > > | Once the integration is in place later this year, you will be able to > | order Sectigo certificates directly from Entrust, and Sectigo will issue > | the certificates directly to you through Entrust Certificate Services > | (ECS). Isn't this just a basic certificate reseller setup, like Entrust had with SSL.com already? "Use our system to order their certs" is generally how it works because "our web front end" is the only real value that can be added by a reseller (other than rolodex, I suppose). I entirely approve of scrutiny being applied to Entrust's relationship with certificate issuance, but I think this matter seems pretty clearly settled at this point until there is any actual evidence of misuse or imminent risk. Mike -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CADQzZqusAaU-4uL%3D%2Bxz_0Y1x1_c98U%3D_P0AkOJrc0ujPFSD41g%40mail.gmail.com.
