Eddy Nigg (StartCom Ltd.) wrote:
Let's assume for the sake of argument that we are no longer happy
about FlySSL's business.
You mean, you are not happy anymore about Geotrust/Comodo business?
Regfly has no connection to Mozilla whatsoever...
Indeed not.
I guess it depends how their business operates. If they just get details
from applicants and pass them on to Geotrust and Comodo for
verification, then we don't have a problem. However, if Registerfly are
responsible for verifying part or all of the data, there is an increased
risk that erroneous certificates could be issued.
Gerv
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security