CCSS Forum, Malware Certificate listing

_0M0D0 · May 19, 2013, 4:07am

Is it because the validation process of COMODO helps to avoid issuance of certificates for malware usage purposes, or is it because sometimes some certificates are issued and once reported, COMODO works on it to revoke it?

Second question would be: Do other vendors listed there really take care of their listing or they dont care?
Because to be honest, Symantec (VeriSign) has a long list and some reports were created on the year 2010.

Citizen_K · May 19, 2013, 8:26pm

See Digital Certificates used by Malware for further reference. It may answer part of your questions.

_0M0D0 · May 20, 2013, 2:04pm

Thank you EricJH, that answer my second question.
I "guess that for my first question… COMODO quickly revokes for security of end-users.

Citizen_K · May 20, 2013, 3:13pm

That’s what I remember Melih said but couldn’t find the quote. :-\