Melih, what do you have against VeriSign man...what did they ever do to you? They have helped alot of people and enterprises do business securely over the last ten years. They've probably made 2 major screw ups in their entire history and people like you despise them for it...come on.
Yes, I'm aware of SSL123 - I don't however agree with the point of it...I think there are other motives behind why thawte offered it in the first place but I won't go down that road. Look, it's useless for me to argue...I do try to keep an open mind which is why I rely on facts and research to make business decisions. I do receive alot of communication from VeriSign so yeah, I have been influenced to a certain degree.
Did you watch Stratton's key note address at RSA earlier this year? What was his opening question? refer to it.
I have nothign against any Company who follows good business practices! When some of our customers talked to Verisign sales people they claimed we don't own our roots (even though we own 11) and they claimed their validation was stronger than ours (even though they have misissued a certificate to someone pretending to be Microsoft! yes this is public).
You started by accusing Comodo dude! You accused us for issuing low assurance and claimed that Verisign does not issue low assurance which could be susceptible to phishing!
I proved to you that Verisign does issue low assurance, and you admitted that you know about it! So why were you claiming all this high ground for Verisign only issuing high assurance stuff, while you knew very well that they were issuing low assurance certificate?
Q) What innovation has Verisign brought to the masses?
A) Ask users, what has Verisign given to them?
Q)What has Verisign done to stop the erosion of the trust on SSL?
A)Nothing! Until I started the CAB initiative and now thanks to this initaitive that Comodo (not Verisign) started the future of SSL is secure and trust on SSL will be restored! Why didn't Verisign do that?
Q)How much money has Verisign made from SSL? They managed to buy companies for $20 Billion dollars! yes $20Billion, why couldn't they let the end users benefit a bit, you know, just few crumbs here and there!
What Verisign has done is to exploit a market opportunity (quite well actually) for a product called SSL, milk it, chew it and spat it! As you have pointed out, the word "Trust" is no longer used in the way they describe their business!
It is Comodo who has now secured the future of the SSL, NOT Verisign!
It is Comodo who has brought you Content Authentication innovation, NOT Verisign!
It is Comodo who has made High Assurance SSL cost effective hence enabling fledgling online businesses access to technology which was otherwise was not accessible, NOT Verisign!
It is Comodo who has made desktop security a reality for the masses, NOT Verisign!
It is Comodo who is building a business based on "Creating Trust Online", NOT Verisign!
Maybe you can list what Verisign has done
Here is something I found about Verisign that might of interest to you ;-)http://www.internetnews.com/infra/article.php/3607566
Here is an excerpt for you
"Kevin Murphy, a judge for the the Superior Court in Santa Clara County, said he found the plaintiffs' allegations that VeriSign engaged in false and misleading advertising about Secure Site Pro to merit legal proceedings. "
And this is what MS says about SGC certs which is the issue with the court case..http://support.microsoft.com/default.aspx?scid=kb;en-us;875450
Here is an excerpt for you:
"Microsoft and other vendors stopped shipping products that have standard encryption shortly after the U.S. lifted its export restrictions in early 2000. By default, these products support strong encryption and do not depend on sites to be configured with SGC certificates for strong SSL encryption. "
So when you sell SGC certs AbsynthMinded (who is a Verisign reseller), pls do tell the customers that it is practically of no use whatsoever, but a good way for you to extract more money from them because they don't know any better!!! Lets see if they buy it then ;-)