<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
On 10/17/2012 02:00 PM, From Robin Alden:
<blockquote cite="mid:05f801cdac5e$f2eaa660$d8bff320$@comodo.com"
type="cite">
<pre wrap="">That might prompt the question - 'Who says it's illegal?'.
And there, I guess, we come to a gap because although Comodo's CPS cites English Law we do not look to the English Legal system to make judgement before we revoke a certificate for 'illegality' - so from an outsider's point of view our standard is ultimately, I suppose, arbitrary.
</pre>
</blockquote>
<br>
I agree - we've revoked certificates upon requests from reputed
organizations which provided supporting evidence, specially in
relation to malware injections and similar stuff. We rely on other
mechanisms such as the BR provisions in order to prevent issuance
for sites that are or were immediately affected by similar
activities at their sites (usually due to a flaw at their software).<br>
<br>
And then we didn't revoke certain certificates with alleged
suspicious activities at their sites where no such evidence was
provided and no request from law enforcements or similar authorities
were made. Also illegal activities can be very different from
country to country (where sharing a nude picture could a criminal
offense).<br>
<br>
<br>
<div class="moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, COO/CTO</td>
</tr>
<tr>
<td> </td>
<td><a href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>XMPP: </td>
<td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Twitter: </td>
<td><a href="http://twitter.com/eddy_nigg">Follow Me</a></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
<br>
</body>
</html>