Duane wrote:
Shouldn't Geotrust/Comodo's CPS cover all these kinds of questions? If
not they are in breach and they should have direct obligations to
Mozilla etc...
Geotrust's documents are here:
http://www.geotrust.com/resources/repository/legal.asp
I checked the "Reseller Agreement" - basically, FlySSL just passes the
data to Geotrust, which does the work. So there's no increased risk of
bad cert issuance.
Gerv
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
