On Thu, Mar 9, 2017 at 11:02 PM, Jakob Bohm via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > > Of all these, Starfield seems to be the only case where a single CA > name now refers to two different current CA operators (GoDaddy and > Amazon). All the others are cases of complete takeover. None are > cases where the name in the certificate is a still operating CA > operator, but the root is actually operated by a different entity > entirely.
There are a number of examples, but many of them are older and have been removed from trust stores (usually due to key size): Certplus - operated by both Docusign and Wosign Starfield - Go Daddy and Amazon TC TrustCenter - Symantec and Deutscher Sparkassen Verlag GmbH (S-TRUST, DSV-Gruppe) USERTRUST UTN-USERFirst - Symantec and Comodo ValiCert - Go Daddy, SECOM, and RSA Thanks, Peter _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy