(In reply to comment #89) > > those 9 certs are now publicly available, so I see > no reason to keep that bug private any longer.
No, I think the 9 certs are NOT publicly available. In fact, the attacker might not have received the certs, according to Comodo's blog.
So, for the time being, it might be a good idea to keep the certs hidden?
(In reply to comment #89)
>
> those 9 certs are now publicly available, so I see
> no reason to keep that bug private any longer.
No, I think the 9 certs are NOT publicly available.
In fact, the attacker might not have received the certs, according to Comodo's blog.
So, for the time being, it might be a good idea to keep the certs hidden?