Thank you for your answer.
So, that means that neither is COMODO part of the solution. If the problem is “When issuing DV certs noone checks the legitimacy of who owns the domain never mind the content of the website”, then neither does COMODO.
This all thing about certificates that tell people they’re at the proper place is a complete bllsht. (Sorry about the last word, but, I can’t find any other that fits my thought.)
And, if “noone checks the legitimacy of who owns the domain never mind the content of the website”, and that includes COMODO, I could just create a domain, get a certificate, lets say from COMODO, make it be legitimate and distribute malware, rogue software etc., and visitors would be assured that the domain is perfectly safe because they’re seeing a COMODO certificate. This is making people believe in something that does not correspond to reality. Its leading them to a false sense of security.
And, how can a CA issue a certificate to someone running some “business” without having any background information about what the domain is for? This makes me wonder if CAs also, and I’ve seen proves before, if we’re still going to witness malware/rogue software also making use of digital certificates from well-known CAs.
Bottom line, you folks (CAs, and not just COMODO) are not part of the solution, rather part of the problem, because you’re misleading people. You make them believe that everyone/anything running your certificates have nothing but good intentions, when it is not the case.
People see a domain running a well-known CA certificate and they assume its safe, because they have no idea people behind malware domains also can get them. The same applies to malware.
So, rather than saying…
… What about you start to become part of the solution?