[gsylvie]

Little silly to say "I revoked $1M worth" since the price paid for each certificate includes unlimited renewals to fix problems like he identified. They are still worth $1M despite everything he did, they just have different private keys now and slightly improved data.

Maybe a better title would be, "Humans not 100% reliable about ensuring accurate information stored within thousands of data records, despite such accuracy kinda being the whole point."

[mkopinsky]

I know for a fact that at least one of those certs was replaced with a DV cert - once the team in question had to replace it, they realized there was no point in replacing it with an EV since the browsers are removing the EV UI anyway.[0] I'd bet that a meaningful proportion of the certs in question are similarly being replaced with DV.

[0] https://www.isc.upenn.edu/alerts-outages/planned-weblogin-ss...