[DoctorNick]

It really doesn’t matter if it was circumstantial or not. When presented with such evidence, the TrustCor rep was extremely evasive. This isn’t a court of law; if a Root CA can’t be up-front about explaining evidence that calls their trust into question, then they cannot be trusted and deserve to have their certificates yanked.

[dcow]

They were under attack. I actually read the whole thread and they were crystal clear.

[ranguna]

Yeah I personally feel for the rep, they were indeed under attack. But there is no going around it, a company that advertised a product as being e2e encrypted when it really was not, having multiple levels of ties with the CA was enough to deem the CA as unfit.

I agree with this conclusion because the CA ecosystem is a fragile one if not governed strictly, since the risks are of the highest concern to the general use of the Internet.