Author Topic: Shame on you, Comodo!  (Read 92382 times)

Offline michaelrose

  • Newbie
  • *
  • Posts: 6
Re: Shame on you, Comodo!
« Reply #45 on: June 25, 2016, 05:05:18 AM »
Perhaps you meant to say I was wrong but it's OK I guess I've said everything that I meant to say at this point.

Offline captainsticks

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11198
    • Comodo Help
Re: Shame on you, Comodo!
« Reply #46 on: June 25, 2016, 05:24:22 AM »
So please leave me out of any further posts you may have on this subject....
Perhaps you meant to say I was wrong but it's OK I guess I've said everything that I meant to say at this point.
Hi michaelrose,
You obviously haven't read the Forum Policy properly or choose to ignore it.
Please respect other members wishes when they say to leave them out of any further discussion, or further action will be taken.

Thank you.


Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25611
Re: Shame on you, Comodo!
« Reply #47 on: June 25, 2016, 09:55:51 AM »
Perhaps you meant to say I was wrong but it's OK I guess I've said everything that I meant to say at this point.
That was an unnecessary stab; that's flaming. You are at the mod's radar and you're close to getting the boot. Do not respond to this other than by pm.

Offline My1

  • Comodo Member
  • **
  • Posts: 26
Re: Shame on you, Comodo!
« Reply #48 on: June 25, 2016, 10:30:42 AM »
That was an unnecessary stab; that's flaming. You are at the mod's radar and you're close to getting the boot. Do not respond to this other than by pm.
I hope he gets the message.
do you REALLY need to double post just for that?

Can you define "malicious certs"? ISGR absolutely has revocation infrastructure in place, as far as I know, but only uses it for falsely issued and compromised certificates.

It sounds like you're thinking more of malware/phishing, where the certificate is correctly issued on a domain level, but used for 'nefarious' purposes. In that case, it should be none of the CA's business what the certificate is used for - the only purpose of a CA-signed DV is to validate that a certificate is legitimate for a given domain.

by the way even for an EV certificate the basline explicitly states:

Quote
2.1.3.
Excluded Purposes
EV Certificates focus only on the identity of the Subject named
 in the Certificate, and not on the behavior of the Subject. 
As such, an EV Certificate is
not
 intended to provide any assurances, or otherwise represent or
warrant:
1 That the Subject named in the EV Certificate is actively engaged in doing business;
2 That the Subject named in the EV Certificate complies with applicable laws;
3 That the Subject named in the EV Certificate is trustworthy, honest, or reputable in its business dealings; or
4 That it is “safe” to do business with the Subject named in the EV Certificate

Offline captainsticks

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11198
    • Comodo Help
Re: Shame on you, Comodo!
« Reply #49 on: June 25, 2016, 10:42:29 AM »
do you REALLY need to double post just for that?....
Hi My1,
I would imagine the double posting to be accidental.
You are appearing to be a very negative judgmental person, this is not the first time you have questioned a Moderator for an issue that doesn't even involve you.
More to the point, if you have an off topic issue with a Moderator please use the PM function or see the link below and that goes for this post as well.
How to appeal against Moderators decisions

Thank you.

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Shame on you, Comodo!
« Reply #50 on: June 25, 2016, 11:21:35 AM »
Can you define "malicious certs"? ISGR absolutely has revocation infrastructure in place, as far as I know, but only uses it for falsely issued and compromised certificates.

It sounds like you're thinking more of malware/phishing, where the certificate is correctly issued on a domain level, but used for 'nefarious' purposes. In that case, it should be none of the CA's business what the certificate is used for - the only purpose of a CA-signed DV is to validate that a certificate is legitimate for a given domain.

There is an ecosystem of great people out there who fight spammers, malware sites etc.
When these people identify these malicious activities, they alert us. Responsible CAs immediatly revoke these certificates after their internal checks. As you will appreciate the time it takes to revoke these are of paramount importance. Every minute passing by, these sites are hurting someone on the internet.

My understanding was that, ISGR when they launched did not have the infrastructure to revoke these certificates in a timely manner. If they have this now, would be great to get some metrics on how quickly they do it (if they do it).

Offline Sanya IV Litvyak

  • Comodo's Hero
  • *****
  • Posts: 4214
  • Lurking
Re: Shame on you, Comodo!
« Reply #51 on: June 25, 2016, 11:24:51 AM »
There is an ecosystem of great people out there who fight spammers, malware sites etc.
When these people identify these malicious activities, they alert us. Responsible CAs immediatly revoke these certificates after their internal checks. As you will appreciate the time it takes to revoke these are of paramount importance. Every minute passing by, these sites are hurting someone on the internet.

My understanding was that, ISGR when they launched did not have the infrastructure to revoke these certificates in a timely manner. If they have this now, would be great to get some metrics on how quickly they do it (if they do it).

Does Comodo have those statistics for the public to see? I'd like to see them.
I support privacy and freedom online - eff.org

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Shame on you, Comodo!
« Reply #52 on: June 25, 2016, 11:27:10 AM »
Does Comodo have those statistics for the public to see? I'd like to see them.
Its pretty much "Instant" with us. We don't have any patience for any malicious activity. That is why we run 24/7/365 support department. Not sure ISGR does have 24/7/365 support operation to do that?. As you will appreciate even 1 minute of phishing website being online will cause harm to many users on Internet.
http://www.ccssforum.org/

« Last Edit: June 25, 2016, 11:32:20 AM by Melih »

Offline JoWa

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5953
  • I believe in doubt.
    • Evolutionary history of life
Re: Shame on you, Comodo!
« Reply #53 on: June 25, 2016, 01:08:30 PM »
As you will appreciate even 1 minute of phishing website being online will cause harm to many users on Internet.
Revoking the certificate doesn’t make the site go offline. It’s still accessible over an insecure connection (or a secure one if it gets a new certificate). Isn’t it more urgent to get the domain with fraudulent or malicious content blocked (by Safe Browsing, SmartScreen etc) and taken down, than getting the certificate revoked?
Ubuntu 19.10 | Firefox 71β | HTTPS Everywhere | Privacy Badger
Forum Policy | Comodo Product Help

Offline My1

  • Comodo Member
  • **
  • Posts: 26
Re: Shame on you, Comodo!
« Reply #54 on: June 25, 2016, 01:27:01 PM »
And as said by different people the cert doesn't say "this is a nice person" but just you are really connection to this domain or company

Offline michaelrose

  • Newbie
  • *
  • Posts: 6
Re: Shame on you, Comodo!
« Reply #55 on: June 25, 2016, 01:35:04 PM »
I'm still disappointed that your ceo hasn't provided a meaningful apology or even admission of wrong doing.

its like a robber was caught red handed robbing your house and while you are live streaming this on YouTube he proclaims, your TV in hand, that the right thing to do is to let the courts decide and stop judging.

Then the robber starts trashing you for having dishes in the sink and complaining that you clearly have the same couch as he does.

Incidently it was highly necessary to demolish the misinformation provided on this thread and difficult to be nice about doing so. When someone leans on false authority to promote disinformation it hurts everyone's understanding.

When Melih tries to distract and detract from wrong doing it leads me and everyone else to believe that he is dishonest and will given a chance act unethically.

If he is untrustworthy then so is Comodo. If that is hurtful and banning me here makes you feel better then go ahead but it won't restore your rep or save anyone's job when business takes a turn for the worse.

Offline captainsticks

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11198
    • Comodo Help
Re: Shame on you, Comodo!
« Reply #56 on: June 25, 2016, 06:56:26 PM »
....it leads me and everyone else to believe....
Unless you are some divine creature, you can't speak or think for everyone and especially not me.
You have said your piece, so now it is time to move onto something new and exciting (Its called a life).

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25611
Re: Shame on you, Comodo!
« Reply #57 on: June 25, 2016, 07:09:19 PM »
I'm still disappointed that your ceo hasn't provided a meaningful apology or even admission of wrong doing.

its like a robber was caught red handed robbing your house and while you are live streaming this on YouTube he proclaims, your TV in hand, that the right thing to do is to let the courts decide and stop judging.
The situation was solved outside the courts as was stated at the first page of this topic and in a separate post in this board:
With LE now being an operational business, we were never going to take the these trademark applications any further.  Josh posted a link to the application and as of February 8th it was already in a state where it will lapse.

Josh was wrong when he said we’d “refused to abandon our applications”.  We just hadn’t told LE we would leave them to lapse.

We have now communicated this to LE.

Comodo has filed for express abandonment of the trademark applications at this time instead of waiting and allowing them to lapse.

Following collaboration between Let's Encrypt and Comodo, the trademark
issue is now resolved and behind us and we'd like to thank the Let's Encrypt
team for helping to bring it to a resolution.


Quote
Then the robber starts trashing you for having dishes in the sink and complaining that you clearly have the same couch as he does.

Incidently it was highly necessary to demolish the misinformation provided on this thread and difficult to be nice about doing so. When someone leans on false authority to promote disinformation it hurts everyone's understanding.

When Melih tries to distract and detract from wrong doing it leads me and everyone else to believe that he is dishonest and will given a chance act unethically.

If he is untrustworthy then so is Comodo. If that is hurtful and banning me here makes you feel better then go ahead but it won't restore your rep or save anyone's job when business takes a turn for the worse.
With regards to the latter; I'm shaking and trembling in my boots with fear. ;) And before I forget. Moderators are not Comodo employees. We're end users like everybody else.

You're a smart man who knows how to read rules so you must have read the Forum Policy and know where we draw the line.

Offline joepie91

  • Newbie
  • *
  • Posts: 3
Re: Shame on you, Comodo!
« Reply #58 on: June 25, 2016, 07:41:12 PM »
There is an ecosystem of great people out there who fight spammers, malware sites etc.
When these people identify these malicious activities, they alert us. Responsible CAs immediatly revoke these certificates after their internal checks. As you will appreciate the time it takes to revoke these are of paramount importance. Every minute passing by, these sites are hurting someone on the internet.

That is an extremely worrying stance. It is absolutely not the CA's job to be content-policing, but rather that of hosting providers and client blacklist maintainers (eg. Safe Browsing). The CA does not need to be involved here, and all it does is creating an additional avenue of pressure to harass controversial sites, by removing their ability to have transport encryption. This already happens through payment processors, and now you are suggesting to needlessly do the same for TLS certificates! That breaks the web, it doesn't protect it.

Your job as a CA is to validate identities, nothing more, nothing less. If you step outside of those bounds, you become a threat to the internet.

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Shame on you, Comodo!
« Reply #59 on: June 25, 2016, 07:50:03 PM »
That is an extremely worrying stance. It is absolutely not the CA's job to be content-policing, but rather that of hosting providers and client blacklist maintainers (eg. Safe Browsing). The CA does not need to be involved here, and all it does is creating an additional avenue of pressure to harass controversial sites, by removing their ability to have transport encryption. This already happens through payment processors, and now you are suggesting to needlessly do the same for TLS certificates! That breaks the web, it doesn't protect it.

Your job as a CA is to validate identities, nothing more, nothing less. If you step outside of those bounds, you become a threat to the internet.

CA's job is not merely to Validate (heck, there is no validation in DV certs!) and  issue a cert, but the whole lifecycle of the cert that includes revocation. It would be utterly irresponsible if we only issued and didn't manage the whole lifecycle.
CAs run the PKI infrastructure, validation is only one part of it.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek