|
|
|
|
|
|
by ggm
2657 days ago
|
|
|
CT principles would surely demand they do some public facing declaration? The 'pull the certificates from the browsers' thing demands people from these companies maybe recuse themselves from conversations? (this is public trust process stuff, not technology per se) |
|
|
Many of the affected CAs have already come out and "confessed" that they've issued non-compliant certs and stated that they're revoking them.
No certificates are being "pulled from browsers" as a result of this incident as far as I know.