> On Aug 31, 2016, at 6:36 PM, Matt Palmer <mpal...@hezmatt.org> wrote: > > there's just waaaay too many sites using WoSign (and StartCom) for the > CAs' roots to just be pulled. Sad, but true.
Not even. Pull away. > I'd be surprised if most business continuity people could even name their > cert provider, and most probably don't even know how certs come to exist or > that they *can* be made useless on a wide scale by the actions of, > seemingly, an unrelated third party. Not in my neck of the woods. If you have a drought of good ones in your area my consulting company calls that an opportunity... Sent from my iPhone
