<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <br>
    <div class="moz-cite-prefix">On 11/19/2014 11:27 PM, Brian Smith
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAFewVt5SrRGoWTOoGjj_roBaCSzk_mBhHTSG_FrDEKbZUy_SZw@mail.gmail.com"
      type="cite">
      Is it really necessary to revoke the facebookcorewwwi.onion
      certificate? <br>
    </blockquote>
    <br>
    Well....any half-serious CA should know that ANYBODY can get a
    certificate for exactly this host name provided they A) issue still
    certificates for such (internal) host names and B) also allow the
    use high-profile names and brands in the host names for others than
    the actually name/brand owners.<br>
    <br>
    Unfortunately I must assume that there are CAs that still do exactly
    both of that.<br>
    <br>
    <div class="moz-signature">-- <br>
      <table border="0" cellpadding="0" cellspacing="0">
        <tbody>
          <tr>
            <td colspan="2">Regards </td>
          </tr>
          <tr>
            <td colspan="2"> </td>
          </tr>
          <tr>
            <td>Signer: </td>
            <td>Eddy Nigg, COO/CTO</td>
          </tr>
          <tr>
            <td> </td>
            <td><a href="http://www.startcom.org">StartCom Ltd.</a></td>
          </tr>
          <tr>
            <td>XMPP: </td>
            <td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
          </tr>
          <tr>
            <td>Blog: </td>
            <td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
          </tr>
          <tr>
            <td>Twitter: </td>
            <td><a href="http://twitter.com/eddy_nigg">Follow Me</a></td>
          </tr>
          <tr>
            <td colspan="2"> </td>
          </tr>
        </tbody>
      </table>
    </div>
  </body>
</html>