Comment 54 for bug 310999

(In reply to comment #42)
> If there were any doubt in my mind whatsoever about StartCom being an
> [un]trustworthy CA it was erased this morning by this post on Slashdot[1] - how
> is their complete lack of validation any different to that of Comodo's RA when
> the result is the same (ie anyone can issue a cert for arbitrary domains)?
>

Please educate yourself before making more accusations. There was no "complete lack of validation", it was an attack using dedicated tools. As bad as it is, our systems prevented damage to a high degree! I'd say, StartCom acted as a whole excellent in the face of such an attack.

https://blog.startcom.org/?p=161