[cabfpub] Question on CT: Monitoring
rob.stradling at comodo.com
Fri Dec 20 22:24:29 UTC 2013
On 20/12/13 21:49, Eddy Nigg (StartCom Ltd.) wrote:
> On 12/20/2013 11:42 PM, From Rob Stradling:
>> On 20/12/13 21:19, Eddy Nigg (StartCom Ltd.) wrote:
>>> Allow me to annoying again...
>>> CAs don't need CT to monitor and review their issued certificates (and
>>> process thereof). They are REQUIRED and MUST do that already today...
>> AIUI, whoever breached DigiNotar was able to misissue certs and
>> prevent these certs from appearing in DigiNotar's database of issued
> Just for the record, Diginotar knew it was breached and also revoked
> some certificates at the earlier stages, but continued operation and
> cover-up which just made it worse.
Indeed. However, apparently it took 9 days for them to discover the
breach. CT would've hopefully helped them notice quicker (and it
certainly would've made a cover-up impossible!)
Senior Research & Development Scientist
COMODO - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909
COMODO CA Limited, Registered in England No. 04058690
3rd Floor, 26 Office Village, Exchange Quay,
Trafford Road, Salford, Manchester M5 3EQ
This e-mail and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this email in error please notify the
sender by replying to the e-mail containing this attachment. Replies to
this email may be monitored by COMODO for operational or business
reasons. Whilst every endeavour is taken to ensure that e-mails are free
from viruses, no liability can be accepted and the recipient is
requested to use their own virus checking software.
More information about the Public