back to article Comodo CA acquired by Francisco Partners ...

Comodo's certificate business has a new owner, and not everybody's happy about it. That's because buyer Francisco Partners also counts among its investments companies like SonicWall, which produces SSL proxy boxes, and NSO Group, which produces government spyware, among other cyber-surveillance upstarts. Last time we heard, …

  1. Ph2tstor

    So this is the “break even” point then on the CA/firewall vendor graph.

    Will this mean all sonic wall admins will only need to tick a box called “MitM” ?

    Talk about not even having to deploy your own CA cert anymore.

    What’s going to happen now? Firewalls with Comodo root CA baked in?

  2. KjetilS

    Hopefully this will end up in Comodo being blacklisted as a CA in the same way Symantec has become

    1. Disgusted of Cheltenham

      But then we couldn't pay fines...

      Comodo is the trust anchor for

      https://penaltynotice.direct.gov.uk/

      (If, for some reason, you don't like this, please offer a better suggestion for HMG.)

  3. x 7 Silver badge

    Wasn't it Comodo who issued those fake man-in-the-middle certs to allow interception / advert injection?

  4. DropBear Silver badge

    Chiming in at the village idiot level (which I am at in these affairs) - how about not trusting ANY of those f##kers? I know I don't, except of course I have to, unless I'm willing to pull the plug. So what about some sort of block-chain CA, that essentially confirms only that whoever you've been talking to as "website.com" is the same entity as all other people have been talking to? That clearly wouldn't help with a MitM agent sitting between "website.com" and _everybody_ else but perhaps someone smarter can figure something out against that too...?

    1. phuzz Silver badge

      "some sort of block-chain CA"

      That sounds like the sort of idea which will get you millions in funding from VCs these days. It probably won't work, but if you're sensible you'll have skipped out with the cash way before anyone realises...

    2. joepie91

      That's essentially just reinventing Certificate Transparency, except less scalable, more expensive, and less reliable.

      Seriously, blockchains are totally useless solutions for 99.99% of cases. For almost everything, there are better non-blockchain solutions. Virtually the only thing that blockchains are actually *good* for are... you guessed it... trustless financial transactions.

  5. Anonymous Coward
    Anonymous Coward

    Blue Coat owned by Symantec

    Blue Coat (with a space) has been owned by Symantec for over 12 months. Not saying that marriage of CA and Proxy/MITM manufacturer is any better, but AFAIK, Francisco Partners have nothing to do with Blue Coat anymore.

    1. This post has been deleted by a moderator

    2. diodesign (Written by Reg staff) Silver badge

      Re: Blue Coat owned by Symantec

      Thanks - oops, someone forgot about the Symantec sale. We've updated the article. Don't forget to email corrections@theregister.com if you spot any errors and we'll get on them straight away, if necessary.

      C.

  6. phuzz Silver badge

    Does anyone else get Comodo mixed up with Contoso?

    1. x 7 Silver badge

      No, but I get them confused with dragons

  7. David McQueen

    Why sell to Corporations?

    Most Corps us Microsoft Active Directory or Imaging in some way and install their own Trusted Root Certs via GPO or manually in the image.

    1. hughgrection

      Re: Why sell to Corporations?

      Yeah this is bad enough since the users very often aren't informed. Had the problem with two clients, I only realized that TLS was compromised on their dreadful Windows boxes when setting up a Linux VM to get work done. These days I simply don't accept clients that forcec me to run Windows on their hardware.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019