[cabfpub] FW: SANS NewsBites Vol. 17 Num. 026 : Health Care Data Increased Risk; Federal CIOs Say OMB Reporting Requirements Not Helpful; US Retailers Must Adopt Chip-Based Payment Card Technology by October or Assume Breach Liability; China Delays...

Ryan Sleevi sleevi at google.com
Sat Apr 4 00:32:01 UTC 2015


On Fri, Apr 3, 2015 at 5:24 PM, Richard Wang <richard at wosign.com> wrote:

> I agree the editor opinion that browser should treat west CA same as China
> CA!
> Comodo and TurkTrust also issued the wrong cert for Google, but do NOT
> remove their root.
>

There's a lot fundamentally wrong here - both from Pescatore and from
Richard's statements above.

To the extent I can or will comment on this, I would encourage all
interested parties to read the "longer document" provided by Mozilla on
https://blog.mozilla.org/security/2015/04/02/distrusting-new-cnnic-certificates/
, which should make it abundantly clear the uniqueness of the situation and
the factors that go in to such decisions, none of which include nationality.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150403/b14c4542/attachment-0003.html>


More information about the Public mailing list