by jlgaddis 3739 days ago
Too bad the author didn't issue certificates for, say, google.com, microsoft.com, and/or mozilla.org. That'd be a more likely way of getting those browser makers to put some restrictions or "sanctions" on them like Google recently did with Symantec.

It's my understanding that pinning limits the damage of this sort of attack on those "big" sites.
I think what jlgaddis was trying to say is that by getting certificates issued for the major browser vendors, you're much more likely to get them to pull this CA out of the trust store.
Yes, exactly. Thank you, I wasn't as clear as I could have been.
Frankly, I could have thought a bit more deeply before responding. Your meaning seems clear to me now.