One of Comodo's registration authorities was breached, but not Comodo themselves... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

agwa on March 23, 2017 | parent | context | favorite | on: Intent to Deprecate and Remove: Trust in Existing ...

One of Comodo's registration authorities was breached, but not Comodo themselves. Comodo were able to detect the breach and cut off the compromised RA because they were monitoring what their RAs were doing. Symantec, on the other hand, didn't know that their RAs were mis-validating certificates until I noticed and told them.

(Registration authorities are third parties that perform certificate validation on behalf of the CA. I think Comodo bears some responsibility for delegating validation to an RA that was compromised, but Symantec's conduct has been so much worse in comparison.)

throwaway1992 on March 24, 2017 [–]

It wasn't one but three authorities which have been breached.

And maybe you should disclose that you are a Comodo reseller.

agwa on March 24, 2017 | [–]

I used to be a Symantec reseller too before I realized how bad they were. I only do business with CAs which I actually believe are good.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact