Symantec and Comodo revoke certs without proper private key

Just the latest example why the SSL certificate industry is widely regarded as shady and has such a bad reputation. Not the first time either that Symantec or Comodo are in the news because of their sloppy security practises. There are rumours that Symantec and other companies want to sell their SSL businesses as quickly as possible.

Good riddance!

Let’s hope that the awesome work of Let’s Encrypt will accelerate the extinction of these shady and insecure Certificate Authorities. I predict that the launch of wildcard certificates will be the last nail to the coffin of the CA business model. And with it, the begginning of the end for these dishonest and untrustworthy practices.