There's been some criticism here regarding standards that impose high requirements for financial viability of a CA as well as costly audit regimes.
But those requirements do play a role. Witness the ongoing meltdown of the ICANN registrar registerfly.com, which is stranding hundreds of thousands of domain owners. Registerfly.com is also an SSL issuer, both for Geotrust and on its own account, mainly of low end SSL. Should those be revoked or transferred to another CA? What's Moz's position on a failing CA? _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
