Microsoft warns: Fraudulent digital certificates issued for high-value websites | ZDNet

It is interesting that Comodo would have even allowed these certificates to be generated.  In most cases there is verification of ownership of the domain before a certificate is issued.  This makes me wonder where those checks failed.  It is a best practice in corporate PKI to have human intervention for specifically high risk certificates.  A company with the trust of Comodo really needs to go farther to prevent these issues.

Microsoft warns: Fraudulent digital certificates issued for high-value websites | ZDNet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.