Reply to post: Mis-issued?

FAKE Google web SSL certificates tip-toe out from Indian authorities

P. Lee


Is it just me that thinks that the likelihood of Google going to an Indian CA for a cert is so remote that it should set of large enormous alarm bells to the CA issuing it. Given that the CA's only real work is to check identities, surely this has to be abuse. If it is incompetence, it is on a gross scale and the CA needs to be punished for that too. Given that they receive a lot of cash for very little, they need to stop hiring numpties.

It is like SEC regulations, they are expensive to comply with, nobody likes doing it, but if you get caught in breach, the consequences should be severe. Actually its worse than that, given that the only job is to follow the regulations.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022