Well, I would like to defer to Mozilla's judgement here, as it comes from their truststore. On the other hand we do not have the possibility, to my knowledge, to add an intermediate CA to the package with some negative trust value. So we would need to prune Comodo completely.
As stated CertStar is a contracted RA of Comodo, so they have their own domain validation in place, in constrast to normal resellers. I also see the problem that we would cut off thousands of valid certificates, those which were issued by Comodo instead of, say, PositiveSSL (if this is the RA CertStar operates). ** Bug watch added: Mozilla Bugzilla #470897 https://bugzilla.mozilla.org/show_bug.cgi?id=470897 ** Also affects: nss via https://bugzilla.mozilla.org/show_bug.cgi?id=470897 Importance: Unknown Status: Unknown -- comodo seen issuing certificates unwisely https://bugs.launchpad.net/bugs/310999 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
