On Fri, 2 Mar 2018 16:10:52 +0900 Hector Martin 'marcan' via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
> And what does Comodo think of all of this? I'd like to second this. When I wrote the original mail in this thread I considered adding questions to Comodo, but I thought it's so obvious and Comodo people will see this anyway that it's not necessary. But yesterday, hours after the whole Trustico thing was unfolding, Comodo's Twitter account sent out tweets indicating that they're proud to be the new partner of Trustico: https://twitter.com/Comodo_SSL/status/969302576649908226 So hereby I'd like to ask Comodo: * Do you have any security vetting of your certificate reseller partners? Do you expect them to follow good security practice? * Do you believe - given the events of recent days - that Trustico follows good security practice? -- Hanno Böck https://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy