back to article Entrust faces years of groveling to regain browsers' trust, say rival chiefs

After falling down in the estimations of major browser makers Google and Mozilla, Entrust faces a lengthy fight on its hands to regain industry trust and once more issue trusted TLS certificates. That's according to the top dogs at rival cert issuer Sectigo. The company also claims that Microsoft and Apple are likely to follow …

  1. Pascal Monett Silver badge

    Um, what ?

    "we are actively and vigorously implementing an improvement plan to return to full browser acceptance"

    Well all you need to do is follow the CA guidelines. If that has been so difficult for you in the past, then you need to actively and vigorously get your finger out and start working properly.

    Why is it that compliance with recognized international stardards are so difficult for some companies ? Are they in league with criminal elements that prevent them from doing the job properly ?

    Because, apart from sheer incompetence, what other excuse is there ?

    1. Justin Pasher

      Re: Um, what ?

      Money. It's always about the money.

      Entrust wanted to put the satisfaction of their customers over compliance with the standards. If they made a customer mad by following the standards and revoking certificates properly, the customer would answer by taking their money elsewhere (eventually). You can head over to the CA Compliance section in Bugzilla[1] and read about all the gory details (warning: there is a LOT to read on the Entrust filings). Their biggest (and repeated) problem was not revoking faulty certificates in the prescribed time (24h/5d). They were always trying to compromise with their customers because the customers said they couldn't get certificates replaced in that short of time. Some of them literally took months. Imagine how these customers would respond if their was a private key breach (I wonder if they did the responsible thing during the Heartbleed vulnerability and got everything reissued). They even had a report back in 2020 with the exact same problems and stated the exact same things they are now stating they would do to fix it.

      There's only so long you can keep saying "we'll do better" without tangible results.

      [1] https://bugzilla.mozilla.org/buglist.cgi?product=CA%20Program&component=CA%20Certificate%20Compliance&bug_status=__open__

      1. ecofeco Silver badge

        Re: Um, what ?

        Oh my god. What a shitshow!

        Thanks for the update!

  2. Potemkine! Silver badge

    Entrust

    He's dead, Jim.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like