Here we go again..

I like this designation: “wish”.
:smiley:

I am glad :slight_smile:

Melih

It’s a Security Software Company handing out certs to sites,… connected to malicious behavior.
Granted if Comodo products weren’t so well received and highly rated, this mountain would be a mole hill.
Here’s the thing,… While many of us, use the best firewall there is, it begs us to ask the question, WHY?
If Comodo continues in this practice, it can hardly be said that they are “Creating Trust Online”.

Even Donna was using this firewall before all this…
I am sticking with CIS because it works best for me. And I believe Comodo’s business practices will work themselves out, if they know what’s good for them.

It turns out that there are three types of SSL cert: EV, OV and DV.

Whereas OV and EV certs are also meant to verify the organizational info and authenticate the organization behind a site, thus discouraging malicious behaviors, DV certs provide no more than a secured encrypted connection, and the user cannot assume that the organization information has been authenticated.

For this reason it is not recommended to inherently trust a DV SSL Certificate unless the user has a pre-existing relationship with the organization and has specific knowledge that the web site does indeed belong to that organization.

eg: How VerificationEngine provides feedback on High and Low Assurance SSL

If a site with a DV-SSL cert is connected to malicious behavior at a later time it doesn’t mean that this could be unambiguously determined in early stages whenever some might provide this impression leveraging on hindsight arguments.

I guess it is not as simple as many harsh critics make it appear and for sure it is something not strictly related to a single CA but to any DV-SSL issuer although it is blatantly apparent that some people focus on a single CA as if they would be not aware of other CAs affected whereas in fact they are misrepresenting a more general scenario.

All boils down to finger pointing leveraging on the widespread sentiment that such occurrences should be prevented hinting at a hypothetical solution which is often undisclosed or inaccurate if blatantly ineffective.

Whenever a malicious abuse is confirmed reporting still is important whereas a factual effort to educate about the limited guarantees of DV certs would actually be more beneficial than finger pointing targeted attacks.

here is a recent paper on why DV shouldn’t be used!!!

says:

Zusman obtained a DV cert for Live.com (Microsoft) from a Verisign Company!

The problem is: people simply do not understand the problem is with DV certs. The lack of validation is a HUGE problem!

Melih

Is Comodo a digital trust service? Or a security software company? Being the latter you must be held at a higher level of trust. Does VeriSign have security software? You have to see the irony in all this, don’t you? Isn’t there another way Comodo can generate capital? You had to have known about the risk involved in handing out certs (VeriSign),… and how a respected security software company could be damaged by it.

And I really don’t think it matters whether people understand DV certs or not. As long as you realize the huge problem with it and how it can backfire,… if you’re in the security business.

I love CIS. The firewall is top notch. And I wish only the best for Comodo in the future.

1) Do you realise there is no 100% security?
2) If you do understand 1, then what level is acceptable for Comodo?
3) Once you have identified the level that is acceptable can you pls tell us the comparison of level between us and others and show us why the level Comodo at is not acceptable?

For example: Of the 100 certs issued to malware sites what is acceptable for Comodo to issue compared to others? (if you say zero then you believe in 100% security which doesn’t exist).
Also: On average how long should it take compared to other vendors for Comodo to revoke a reported cert (used for malicious activity) eg: it might take others 10 days to revoke…how long would it be acceptable for Comodo?

Let’s see the actual level Comodo is at! :wink:

Melih

Honestly, I don’t believe Comodo should be issuing certs.

As you know quite well, certs are not trustworthy as history has shown. They will always find a way to malicious sites. And for Comodo to be involved in any way, a company involved in creating security,… well…

Thing is,… you would think if anyone could issue certs properly, it would be a security company. But like I said earlier, that is highly unlikely as certs always find a way to bad sites.

It would be nice for Comodo to change the DV issuing policy, if just for itself, to higher security standards.

That may be nice, but how should Comodo earn money then?

There is no irony having people putting forward focused attacks to damage a respected company.

So I guess it matters whether people understand DV certs or not as obviously the most vocal critics prefer to do finger pointing attack instead of having people understand DV which could be part of the solution…

…whereas the solution in itself cannot be focused on Comodo alone whereas issuer of a limited percentage of DV certs as a result of those finger pointing attacks.

Improved standards ought to mean OV or EV certs but those are already there.

Well then stop selling DV certs as those are damaging Comodo’s reputation (which wasn’t very good in some people’s eyes in the first place)!

Would you rather some other company who issued it that didn’t try to fix certs and react so quickly?
How would that help end users?

At least Comodo is managing a very dangerous tool responsibly, imagine if Comodo wasn’t there…there wouldn’t be EV, there wouldn’t be a fast way of revoking certs and that would not help end users! So Comodo’s existence in the cert market has undoubtedly helped end users.

Melih

I explained before why Comodo selling/providing DV is better than Comodo not providing it.

Melih

People are willing to damage Comodo’s reputation whenever Comodo stopping to issue DV certs will not prevent such ill intentioned people to forge some other reason to complain nor affect the vast majority (90%) of DV certs issued by other (coincidentally neglected) CAs

Wherever DV certs were originally introduced at a later time than OV certs and browsers represented them both with the same padlock, it has been for a long time now that DV certs are not differentiated from higher standard OV certs thus generating confusion and possibly decreasing the utilization of OV certs.

DV certs are not to be inherently trusted unless the user has a pre-existing relationship with the organization and has specific knowledge that the web site does indeed belong to that organization.

It would be as simple as having end users be aware of this and have them regard a page with a DV cert like any plain http page with the only addition of encryption to secure the connection.
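Added example, not part of any post in this thread: the EV/OV/DV distinction drawn in the posts above can be read from a certificate itself, so a user or tool can tell whether any organization identity was validated. The sketch assumes the certificate carries the CA/Browser Forum policy OIDs and that the input is laid out like `openssl x509 -noout -text` output with policies printed as dotted OIDs; the sample strings and host names are constructed.

```python
import re

# CA/Browser Forum reserved certificate-policy OIDs
CABF_POLICY = {"2.23.140.1.1": "EV", "2.23.140.1.2.2": "OV",
               "2.23.140.1.2.3": "IV", "2.23.140.1.2.1": "DV"}
RANK = {"DV": 0, "IV": 1, "OV": 2, "EV": 3}

def parse_openssl_text(text):
    """Return (subject attributes, policy OIDs) from openssl-style text."""
    subject = {}
    m = re.search(r"^\s*Subject:\s*(.+)$", text, re.M)
    if m:
        # Split only at commas that start a new "KEY =" attribute, so a
        # value such as "Example Org, Inc." stays in one piece.
        for part in re.split(r",\s*(?=[A-Za-z0-9.]+\s*=)", m.group(1)):
            key, _, value = part.partition("=")
            subject[key.strip()] = value.strip()
    return subject, re.findall(r"Policy:\s*([0-9.]+)", text)

def validation_level(text):
    """Return (level, basis); level is 'EV', 'OV', 'IV', 'DV' or 'unknown'."""
    subject, policies = parse_openssl_text(text)
    asserted = [CABF_POLICY[p] for p in policies if p in CABF_POLICY]
    has_org = bool(subject.get("O"))
    if asserted:
        level = max(asserted, key=RANK.get)
        # An OV/EV policy with no organization in the subject is inconsistent:
        # do not report it as a validated identity.
        if level in ("OV", "EV") and not has_org:
            return "unknown", "policy/subject mismatch"
        return level, "policy OID"
    # No CA/B Forum OID present: fall back to a heuristic on the subject.
    # Without an O attribute only the domain name is bound to the key.
    return ("OV", "subject heuristic") if has_org else ("DV", "subject heuristic")

# Constructed samples (not real certificates)
DV_SAMPLE = "Subject: CN = shop.example.test\n  Policy: 2.23.140.1.2.1\n"
OV_SAMPLE = ("Subject: C = US, O = Example Org, Inc., CN = www.example.test\n"
             "  Policy: 2.23.140.1.2.2\n")
BAD_SAMPLE = "Subject: CN = login.example.test\n  Policy: 2.23.140.1.1\n"
NO_POLICY_SAMPLE = "Subject: CN = old.example.test\n"

if __name__ == "__main__":
    for name in ("DV_SAMPLE", "OV_SAMPLE", "BAD_SAMPLE", "NO_POLICY_SAMPLE"):
        print(name, validation_level(globals()[name]))
```

A result of `DV` means only control of the domain was checked, which is the case the posts above say should be treated like a plain http page with encryption added.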

When I was looking for a FW, doing research I found nothing but high praise of CIS and their support for their products. How I stumbled upon this affair, I don’t remember. Maybe Softpedia with the toolbar thingy. To me that’s not a big deal. Hey CIS is freeware and you gotta expect something like that.
But certs is a dirty business that should be steered way clear from.

Well I don’t see how, if like you said the tiny percentage Comodo has in digital certs, won’t make a dent in improving the overall outlook of certs in general. Until you scrutinize the way you issue certs to begin with, I’m afraid this will never go away, and Comodo’s reputation will suffer. Revoking certs quickly is not a solution for your problem.

I guess the effort some people put in creating affairs should be evident whenever at times it also looks they are providing advice or concerns, it is not they will be able to make a big deal of everything while rubbing dirt whenever they please.

I guess you’re talking about the stink with the toolbar? I’m not sure,… but then I never heard of Kahlil Gibran either. :smiley:

Well to sum up,… I only voiced my concerns on this matter (certs), cause I believe it to be a very serious conflict of interest.

Just think of the day when a Malicious site you issued a cert to,… bypasses CIS.
Boy would that be a kick in the pants… :wink:

I guess even if that unlikely day won’t come a lot of ill-advised people could dream of a kick landing in “Comodo’s pants” :wink: