Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Lovely words, of course in the case of Mozilla we already know its wholly worthless. Disregard whatever they write to the contrary.

Case in point: https://bugzilla.mozilla.org/show_bug.cgi?id=724929



Why do you single out Mozilla? Trustwave is still trusted by Microsoft and Google too...

IIRC, it's that event that led to a policy revision, what they did at the time (and by they I mean everyone, Mozilla included) was applying their policy of the moment.

It was one of the event that led to what happened to CCNIC...


I didn't single them out, Mozilla singled themselves out of the others. They insist on being the only free browser out there, and when push comes to shove, they collapse.

Did you miss the discussion in the bug report? It was clear TrustWave was in violation of the policy, even at the time. If you issue a CA=YES to a 3rd party that then goes on MITMing Google, I can't imagine there exists a policy out there you are not in violation of.

And what did they do? Nothing. Instead of being the free-spirit out there, they just follow whatever Google does. Even now, they are only following Googles lead. They have the unique opportunity that their crazy compat layer affords in having their own root certificate store across all platforms, and they do nothing. It's a disgrace.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: