back to article Comodo CA acquired by Francisco Partners ...

Comodo's certificate business has a new owner, and not everybody's happy about it. That's because buyer Francisco Partners also counts among its investments companies like SonicWall, which produces SSL proxy boxes, and NSO Group, which produces government spyware, among other cyber-surveillance upstarts. Last time we heard, …

So this is the “break even” point then on the CA/firewall vendor graph.

Will this mean all sonic wall admins will only need to tick a box called “MitM” ?

Talk about not even having to deploy your own CA cert anymore.

What’s going to happen now? Firewalls with Comodo root CA baked in?

3
0
Reply

Hopefully this will end up in Comodo being blacklisted as a CA in the same way Symantec has become

0
0
Reply

But then we couldn't pay fines...

Comodo is the trust anchor for

https://penaltynotice.direct.gov.uk/

(If, for some reason, you don't like this, please offer a better suggestion for HMG.)

0
0
Reply
x 7
Silver badge

Wasn't it Comodo who issued those fake man-in-the-middle certs to allow interception / advert injection?

0
0
Reply
Silver badge

Chiming in at the village idiot level (which I am at in these affairs) - how about not trusting ANY of those f##kers? I know I don't, except of course I have to, unless I'm willing to pull the plug. So what about some sort of block-chain CA, that essentially confirms only that whoever you've been talking to as "website.com" is the same entity as all other people have been talking to? That clearly wouldn't help with a MitM agent sitting between "website.com" and _everybody_ else but perhaps someone smarter can figure something out against that too...?

0
0
Reply
Silver badge

"some sort of block-chain CA"

That sounds like the sort of idea which will get you millions in funding from VCs these days. It probably won't work, but if you're sensible you'll have skipped out with the cash way before anyone realises...

5
0
Reply

That's essentially just reinventing Certificate Transparency, except less scalable, more expensive, and less reliable.

Seriously, blockchains are totally useless solutions for 99.99% of cases. For almost everything, there are better non-blockchain solutions. Virtually the only thing that blockchains are actually *good* for are... you guessed it... trustless financial transactions.

0
0
Reply
Anonymous Coward

Blue Coat owned by Symantec

Blue Coat (with a space) has been owned by Symantec for over 12 months. Not saying that marriage of CA and Proxy/MITM manufacturer is any better, but AFAIK, Francisco Partners have nothing to do with Blue Coat anymore.

0
0
Reply

This post has been deleted by a moderator

(Written by Reg staff) Silver badge

Re: Blue Coat owned by Symantec

Thanks - oops, someone forgot about the Symantec sale. We've updated the article. Don't forget to email corrections@theregister.com if you spot any errors and we'll get on them straight away, if necessary.

C.

1
0
Reply
Silver badge

Does anyone else get Comodo mixed up with Contoso?

0
0
Reply
x 7
Silver badge

No, but I get them confused with dragons

1
0
Reply

Why sell to Corporations?

Most Corps us Microsoft Active Directory or Imaging in some way and install their own Trusted Root Certs via GPO or manually in the image.

0
0
Reply

Re: Why sell to Corporations?

Yeah this is bad enough since the users very often aren't informed. Had the problem with two clients, I only realized that TLS was compromised on their dreadful Windows boxes when setting up a Linux VM to get work done. These days I simply don't accept clients that forcec me to run Windows on their hardware.

0
0
Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018