Shows how most CEOs of even large companies are human like everyone else, not the "super mature", "super calculated", "super intelligent" begins they are made out to be. It's also important to note the arrogance - invented the 90 day trial :D
Tangential, but what in the hell is with the whole thing where company execs refuse to use "I" in a sentence? Read anything typed up by some founder or something, and you see sentence after sentence deliberately omitting self-reference. Here specifically: "If they have right to it then more than happy to comply"... If they have right to it then I am/we are more than happy to comply. Anytime someone posts email correspondence on HN, it's inevitably a conversation devoid of self-referential terminology, even in totally innocuous sentences. "More than happy to X. Concerned about the thing with Y. Call this afternoon after meeting with Z." It's totally annoying.
I remember reading an article a while back (couldn't find it through Google) that talked about how people with abusive tendencies (which this kind of tortured diatribe seems adjacent to) have an accompanying tendency to psychologically distance themselves from their actions by avoiding first-person constructions, eg. "and then it happened" instead of "and then I did it".
That being said, it sounds like the cause of the omissions of just the words of the first-person constructions this post uses is more likely to be rooted in English being Melih's second language.
Here's another example of what I'm talking about from a recent post on HN [0]. Specifically in that post, an email correspondence goes like this: "Thought sharing this framework with you prior to our convo would make it more efficient. Would love to get your perspective on this when we chat in the morning (your evening)."
See the weird omission of reference to self? Here's something I didn't originally intend to share... The reason I notice this is because I used to type emails like that. I don't know why I used to do that, but I eventually stopped doing it consciously because I thought it sounded weird, and years later noticed it in the situation I mentioned earlier. I find it annoying these days to read people doing it. I totally get what you're saying about ESL, but I'm referring to it happening outside of non-native English speakers. I'm interested in your initial suggestion, though. Thanks!
The historical example that comes to mind is telegrams, where the sender was charged per word, and consequently people omitted as many words as possible while keeping the message on the right side of comprehensible. Sometimes just barely; Wiki gives this example telegram from Orville Wright:
"Success four flights thursday morning all against twenty one mile wind started from Level with engine power alone average speed through air thirty one miles longest 57 seconds inform Press home Christmas"
I sometimes omit first-person pronouns and some other words when writing text messages, because I find it considerably more difficult to type there. The charitable interpretation I would give is that, if someone writes emails like this, either they're writing on an inconvenient mobile platform now, or they're used to writing on such a platform and write that way even with a proper keyboard.
I know that after I'd spent several years working in Japan and then returned to the United States, both my written and spoken language (English, in this case) had a marked (and remarked upon) paucity of self-referential pronouns.
I'm guessing, in this case, that this is just an ESL thing.
The use of "I" vs "we" has been studied by a lot of people in a lot of different contexts, and intelligent people have arrived at very different conclusions. So I have no idea what a complete lack of attribution means, but I'm leaning towards it being an extreme version of "we". I believe to be an avoidance of personal responsibility and a hamfisted attempt at emotional manipulation, because it has absolutely no influence over logically guided decision making.
Given that, I think it is his use of emphatic punctuation throughout the post which gives the impression that he is emotionally tilted, and not speaking in a professional capacity. He is using his public platform to deliver an impassioned rant. I don't think that's a result of him being a non-native speaker.
It's even sillier than that. Comodo has long offered a 90 day free trial cert. You have to pay to renew.
Let's Encrypt gives a 90 day free cert that's freely renewable as many times as you want along with an API to renew it. These aren't the same business models at all.
As far as I can tell, Let's Encrypt isn't a business model. It's funded by ISRG who describes themselves as a public-benefit corporation and is tax-exempt by the US tax authority. I don't see any direct profit motive for the ISRG itself, though there may be indirect profit benefits to the sponsors[1]. I don't see any direct ways Let's Encrypt takes payment; more likely, their revenue comes from donations.
What I don't get is why the CEO of Comodo, all the people on the thread all seem to assume Let's Encrypt has a business model, and that they are a competitor. The Comodo CEO seemed to keep coming back to that point, taking all of this personally. There is no business model to steal from Comodo because Let's Encrypt is not a business. And people kept responding and upholding that assumption?
Can someone give me a sanity check here on my logic? Am I the only person who sees this?
The Comodo CEO makes it sound as if Let's Encrypt was created to personally target him and his ideas. It's one thing to see Let's Encrypt as an existential threat, it's another to attribute malicious, personal intent on the part of Let's Encrypt. I don't think people are careful to make a distinction between impersonal competition and personal competition when speaking about this.
Also, by your argument, why would any CA allow the ISRG to use their certificates to sign free certificates? In the article I linked, there was a good argument made that creating a free SSL cert creates or enhances the market for more expensive certificates. There's a path open.
> If by "business model" you mean, "how do we keep the lights going", that's fair.
That was roughly my read. While "business" is frequently used as a synonym for "for profit company", that's not the only definition. Someone saying "that's none of your business" is unlikely to be talking about S corps.
> However, that's not the primary mission of Let's Encrypt.
It's the means by which they accomplish their primary mission. Can't encrypt the world if you can't keep your servers on.
Bittorrent uploaders in general don't have a "business model" but are still a threat and a "competitor" to copyright holders. And are still breaking the law.
The point Comodo guy is trying to make is they invented/own the 90-day certificate, or specifically the magic number 90.
If they actually do he has the moral right to be upset (but of course that doesn't mean trademark law or common sense stop being applicable to the words "Let's encrypt")
Seriously? Even the US patent office would balk at an application to patent 90-day trials or 90-day certificates. Also, Let's Encrypt isn't doing trials, so patenting the first wouldn't even make sense.
Yeah, but if it was a defensible patent they would still be on the hook for using it at all. Thankfully, Let's Encrypt could show literally hundreds of cases of prior art for X-day trials.
As they should when they're so divorced from reality that they provide the justifications that this guy has. Open dialog is nice, but it doesn't mean much when the underlying message is that of hostility.
No, but I'd feel better if he didn't spout a whole pile of gobbledygook. Let's just say that if this were the CEO of the company I was working for when faced with an existential crisis such as 'lets encrypt' I'd be out in a hurry. This can't end well and in spite of the situation he's still the most visible part of Comodo and should have a very cool and wise head at times like these.
If this is any reflection on his mental state and processes Comodo is dead.
I've seen this happen before at a company that I'm too embarrassed to name, where leadership started to behave irrationally like ants infected by zombie fungus. The CEO wanted laptops to be stocked in checkout aisles - where impulse buy items go... I knew right then that we were dead. I don't think this guy has fungus on the brain, but there is an unseen cause: maybe it is ISRG eating his lunch, or maybe the thought of Microsoft doing the same as Win 10 pushes into the corporate environment.
> He actually tries to justify (or deflect) stealing the Let's Encrypt trademark by claiming LE stole the concept of a 90-day cycle. Ridiculous.
You can patent business methods, but saying a 90-day cycle is an "inventive concept" would likely cause a competent attorney to take you to one side and quietly convince you to not point that fifty-caliber BMG at your leg.
That's not really the heart of the issue. He seems to be taking it as a point of honor, as if someone is stealing his business model ... but LE isn't a business.
Comodo might or might have innovated a 90-day free trial. But let's say for a moment that Comodo did invent the 90-day free SSL trial. The intent is for the promotional purpose of purchasing paid products. LE has no paid tiers, and the primary motivation is to help the internet get encrypted, not to sell certificates. What's ridiculous isn't the idea that a 90-day cycle got "stolen", but that the Comodo CEO persistently thought of ISRG as a business competitor when they are not even in business. (No one is fighting you, dude).
What I don't get is why so many people kept playing into that erroneous assumption of his instead of calling him on it.
Just because they are not in it for profit doesn't mean they are not a competitor to his business. It actually makes it worse from a purely business perspective.
Sure, but most CEO's tend to determine exactly what their public-facing position IS before speaking. In this case he looks the fool as they're walking back his statements.
Either someone who doesn't know the law trying to look smart, or someone who does know the law trying to bullshit their way into being able to own more than the union of copyright law, patent law, and trademark law actually allow them to own. Believe it or not, the law doesn't recognize "It's mine because I scream loudly enough" as a valid concept.
> Trying to piggy back on our business model and copying our model of giving certificates for 90 days for free is not ethical.
I can't even imagine what he was thinking when he was saying this. Well, I can imagine dissonance, but not on the level from where this comes. It's literally insane, given it's business, and software business at that.
> With LE now being an operational business, we were never going to take the these trademark applications any further. Josh posted a link to the application and as of February 8th it was already in a state where it will lapse.
> Josh was wrong when he said we’d “refused to abandon our applications”. We just hadn’t told LE we would leave them to lapse.
> We have now communicated this to LE.
On LE's blog post, they mention that they have repeatedly asked Comodo to abandon the applications since March 2016. If Comodo was going to let the applications lapse as they claim, why not communicate this at the earliest opportunity?
To me this is a dodgy answer at best. I am not so familiar with trademark law, but I don't believe that an application "being in a state where it will lapse" is in any way disarmed - it is my impression that Comodo could simply have opted to continue the process, but is pretending that they wouldn't have in order to avoid bad press.
> If Comodo was going to let the applications lapse as they claim, why not communicate this at the earliest opportunity?
Poor internal communication between the people talking with Comodo and the decisionmakers? Not wanting to give the time of day to the competition, lest they avoiding wasting their time and resources? Deferring committing to the decision until the last moment, in case they change their mind? I can buy it.
> it is my impression that Comodo could simply have opted to continue the process, but is pretending that they wouldn't have in order to avoid bad press.
Based on my (non-lawyer) understanding, a trademark application sounds very much like "not a trademark", and an application that Comodo would eventually lose thanks to clear and conflicting objections from the people actually using the term. I don't think they could've continued indefinitely. I think they would have eventually dropped the process, if only through inaction by allowing the application to expire. I can buy that they were at the point where they were planning internally to drop the process.
Not out of any noble reasons, mind you - they'd have dropped it earlier, I think, if those were the cause. Filing in the first place may have been an act of bad faith. It's just not in Comodo's best interests to not fight a loosing battle to the point that it looses them the war, so to speak. Although it might be a bit late for that.
How is it that the Comodo CEO kept assuming Let's Encrypt and ISRG is a business, when it isn't? It's like he's fixated on that assumption and is dragging everyone else into it.
Further, the last time I read through things about trademarks, my understanding is that they don't work the way some of the people posting say it does. Trademarks are influenced by whether it is a distinguishing mark or not. You can lose trademark protection if it comes into common use. Once registered, you have to keep defending it as a distinguishing mark. So I'm not sure where the "paralegal" in that forum thread is coming up with the argument that it somehow works like a "first-to-file" -- the person who possesses the paperwork possesses the right.
Maybe my understanding is incorrect. If it isn't off though, I can see their lawyers saying, Comodo really doesn't have much of a case (but it'd still eat up a lot of time and resources a small non-profit won't have).
The paralegal in that forum thread is also talking about copyright -- and claims some knowledge about it. Yet this issue centers around trademarks, which are very different from copyrights.
Great to see a resolution to this issue, but this doesn't change the huge distrust in the organisation I've now gained. I won't be for the foreseeable future be buying any Comodo service again. They're clearly horribly misaligned with my values.
We are switching our Comodo certs over to Let's Encrypt because certain old Android versions we have to support work with LE certs but not with Comodo. Particularly important for APIs.
The 90 day expiry is a bit of a faff, but we've mostly automated it using acme.sh and automated DNS edits, and now we just need load balancer access (we just moved to new hosts). LE is a godsend and fully up to commercial use in our experience.
After this, there is no way on earth we're giving Comodo money again. I would rather pay Thawte than these bozos.
Comodo certs have two possible chains. If you want to be supported by older Android (and older iOS) devices, you needed to configure your server to hand out the longer of the chains. When you buy a cert, this is not the chain they will recommend.
This is easy under Linux if you can find the right certs, a huge PITA if you're on IIS.
They do an incredibly poor job of documenting this or informing their support on how to address it.
No write up anywhere that I ever found. The best investigative tool is the SSLLabs SSL test, which will show you both possible paths from the cert. By looking at which certificates that test shows the server provided, you can divine which path things are going to take.
If you find yourself landing at a root CA which is newer and not trusted by as many devices, those devices won't intelligently realise it's cross-signed, unless you switch the certs the server offers to send them up that path.
I'll never be sure if this is true, but it will be in my memory... User robinalden is the CTO, who I tweeted ~2h before the response was posted (https://twitter.com/viraptor/status/746138644537237504). Given that he only posted 13 times on those forums, I hope I actually caused him to ask Melih what he's doing :)
We have confirmed that Comodo submitted Requests for Express Abandonment for all three trademark registration applications in question. We’re happy to see this positive step towards resolution, and will continue to monitor the requests as they make their way through the system.
We’d like to thank our community for their support."
Alas, it's too late to save the business they lost forever from my company and others who switched our business to another provider literally yesterday. Thanks Comodo, for letting us know you are not a company we wish to do business with.
Beside abusing the legal system, there is something else called right and wrong by common sense. A CEO does not get that really should try a different job.
This happened on the other link to their message board, and it doesn't surprise me - the CEO has plopped himself in the middle of a very charged issue, making it difficult to discuss the issue without it getting personal. HN is great, due in large part to the moderators knowing what they're doing, but a little more transparency on flagging would be nice (like @dang's unlink and retitle messages). This sort of thing is only going to become more important as information manipulation in old media becomes less effective on people who form their opinions in places like this.
OK, I won't change my nick to ComodoPhacker this time as I planned to.
Does anyone know a good free alternative to their Comodo Internet Security product? I know there are plenty of free AV products, but I also use its firewall and HIPS features, especially detailed logging.
https://forums.comodo.com/general-discussion-off-topic-anyth...