Hi Yoav,
At 11:41 13-09-2011, Yoav Nir wrote:
Six months ago we would not have thought that Comodo or DigiNotar
were easy to hack. In the latter case, the customers of DigiNotar
were left out in the cold. Without
"The DigiNotar partnership has laid down its security policy in
action protocols
and technical protocols. For safety reasons, these documents are
not publicly
available, which means that they are unavailable for inspection."
"A regular audit is performed by an independent external auditor to
assess Comodo's compliance with the AICPA/CICA WebTrust program for
Certification Authorities."
People get sloppy. Businesses get complacent. At the end of the
day, it is a business decision.
Regards,
-sm
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
