"The hackers behind the attack on StartCom failed to obtain any certificates that would allow them to spoof websites in a similar fashion, and they were also unsuccessful in generating an intermediate certificate that would allow them to act as their own certificate authority, Nigg said in an email."
As opposed to the Comodo breach where the attackers successfully managed to get fake certificates for several high-profile sites.
Ha fair enough, and thanks! One problem with the CA system is that (as far as I understand) it really doesn't matter whether you choose a particularly secure CA or not - you're as vulnerable as the most vulnerable CA. That's why something like public-key pinning is important.
"The hackers behind the attack on StartCom failed to obtain any certificates that would allow them to spoof websites in a similar fashion, and they were also unsuccessful in generating an intermediate certificate that would allow them to act as their own certificate authority, Nigg said in an email."
As opposed to the Comodo breach where the attackers successfully managed to get fake certificates for several high-profile sites.