----- Original Message ----- > From: "Roland Dobbins" <rdobb...@arbor.net> > To: "nanog group" <nanog@nanog.org> > Sent: Friday, 25 March, 2011 9:33:27 AM > Subject: Re: The state-level attack on the SSL CA security model > On Mar 24, 2011, at 6:41 PM, Florian Weimer wrote: > > > Disclosure devalues information. > > > I think this case is different, given the perception of the cert as a > 'thing' to be bartered. >
Isn't there any law that obliges company to disclose security breaches that involve consumer data?