WoSign has so far announced nothing about those incidents or immediate distrust 
(Apple and Mozilla) to its end users. On the contrary, WoSign had a press 
release dated Oct 8th (https://www.wosign.com/news/netcraft-ssl-oct.htm) titled 
"WoSign SSL certs reaches almost 50% market share in China". In the press 
release, it stated that "WoSign's achievement today is due to company founder 
and CEO Richard Wang leads all staff to be dedicated". WoSign is depicted as 
this positive, strong growing company. Nothing about its distrust in the 
immediate future is mentioned. 

In Oct 7th, in the incident report in English, WoSign admitted multiple 
intentional mistakes and deceptions  
(https://www.google.com/url?q=https%3A%2F%2Fwww.wosign.com%2Freport%2FWoSign_Incident_Report_Update_07102016.pdf&sa=D&sntz=1&usg=AFQjCNGRzAxwYrEEiA_SN5gfcsftSst0nA)
 and that the CEO Richard Wang to be relieved of its duties. 

I'm calling WoSign out on this two-faced behavior towards Chinese end users and 
foreign security researchers.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to