
Comodo has filed for express abandonment of LetsEncrypt trademark applications - FredericJ
https://forums.comodo.com/general-discussion-off-topic-anything-and-everything/trademark-registration-t115968.0.html;msg837505#msg837505
======
AdmiralAsshat
Evidently the company realized they were fighting a losing battle,
particularly after the CEO's disastrous response:

[https://forums.comodo.com/general-discussion-off-topic-
anyth...](https://forums.comodo.com/general-discussion-off-topic-anything-and-
everything/shame-on-you-comodo-t115958.0.html;msg837411#msg837411)

~~~
fapjacks
Tangential, but what in the hell is with the whole thing where company execs
refuse to use "I" in a sentence? Read anything typed up by some founder or
something, and you see sentence after sentence deliberately omitting self-
reference. Here specifically: "If they have right to it then more than happy
to comply"... If they have right to it then _I am /we are_ more than happy to
comply. Anytime someone posts email correspondence on HN, it's inevitably a
conversation devoid of self-referential terminology, even in totally innocuous
sentences. "More than happy to X. Concerned about the thing with Y. Call this
afternoon after meeting with Z." It's totally annoying.

~~~
spb
I remember reading an article a while back (couldn't find it through Google)
that talked about how people with abusive tendencies (which this kind of
tortured diatribe seems adjacent to) have an accompanying tendency to
psychologically distance themselves from their actions by avoiding first-
person constructions, eg. "and then it happened" instead of "and then I did
it".

That being said, it sounds like the cause of the omissions of _just the words_
of the first-person constructions this post uses is more likely to be rooted
in English being Melih's second language.

~~~
fapjacks
Here's another example of what I'm talking about from a recent post on HN [0].
Specifically in that post, an email correspondence goes like this: "Thought
sharing this framework with you prior to our convo would make it more
efficient. Would love to get your perspective on this when we chat in the
morning (your evening)."

See the weird omission of reference to self? Here's something I didn't
originally intend to share... The reason I notice this is because I used to
type emails like that. I don't know why I used to do that, but I eventually
stopped doing it consciously because I thought it sounded weird, and years
later noticed it in the situation I mentioned earlier. I find it annoying
these days to read people doing it. I totally get what you're saying about
ESL, but I'm referring to it happening outside of non-native English speakers.
I'm interested in your initial suggestion, though. Thanks!

[0] [https://entrepreneurs.maqtoob.com/my-cofounder-said-i-
love-w...](https://entrepreneurs.maqtoob.com/my-cofounder-said-i-love-what-
were-doing-and-we-shut-down-our-startup-80d5e710c2b2)

~~~
waterhouse
The historical example that comes to mind is telegrams, where the sender was
charged per word, and consequently people omitted as many words as possible
while keeping the message on the right side of comprehensible. Sometimes just
barely; Wiki gives this example telegram from Orville Wright:

"Success four flights thursday morning all against twenty one mile wind
started from Level with engine power alone average speed through air thirty
one miles longest 57 seconds inform Press home Christmas"

I sometimes omit first-person pronouns and some other words when writing text
messages, because I find it considerably more difficult to type there. The
charitable interpretation I would give is that, if someone writes emails like
this, either they're writing on an inconvenient mobile platform now, or
they're used to writing on such a platform and write that way even with a
proper keyboard.

------
nneonneo
In the original Comodo forum thread about this issue (where the CEO made some
claims about owning the 90-day certificate) there is this new response from a
staff member ([https://forums.comodo.com/general-discussion-off-topic-
anyth...](https://forums.comodo.com/general-discussion-off-topic-anything-and-
everything/shame-on-you-comodo-t115958.0.html;msg837436#msg837436)):

> With LE now being an operational business, we were never going to take the
> these trademark applications any further. Josh posted a link to the
> application and as of February 8th it was already in a state where it will
> lapse.

> Josh was wrong when he said we’d “refused to abandon our applications”. We
> just hadn’t told LE we would leave them to lapse.

> We have now communicated this to LE.

On LE's blog post, they mention that they have repeatedly asked Comodo to
abandon the applications since March 2016. If Comodo was going to let the
applications lapse as they claim, why not communicate this at the earliest
opportunity?

To me this is a dodgy answer at best. I am not so familiar with trademark law,
but I don't believe that an application "being in a state where it will lapse"
is in any way disarmed - it is my impression that Comodo could simply have
opted to continue the process, but is pretending that they wouldn't have in
order to avoid bad press.

~~~
hosh
How is it that the Comodo CEO kept assuming Let's Encrypt and ISRG is a
business, when it isn't? It's like he's fixated on that assumption and is
dragging everyone else into it.

Further, the last time I read through things about trademarks, my
understanding is that they don't work the way some of the people posting say
it does. Trademarks are influenced by whether it is a distinguishing mark or
not. You can lose trademark protection if it comes into common use. Once
registered, you have to keep defending it as a distinguishing mark. So I'm not
sure where the "paralegal" in that forum thread is coming up with the argument
that it somehow works like a "first-to-file" \-- the person who possesses the
paperwork possesses the right.

Maybe my understanding is incorrect. If it isn't off though, I can see their
lawyers saying, Comodo really doesn't have much of a case (but it'd still eat
up a lot of time and resources a small non-profit won't have).

~~~
jlgaddis
The paralegal in that forum thread is also talking about copyright -- and
claims some knowledge about it. Yet this issue centers around _trademarks_ ,
which are very different from copyrights.

------
AdamGibbins
Great to see a resolution to this issue, but this doesn't change the huge
distrust in the organisation I've now gained. I won't be for the foreseeable
future be buying any Comodo service again. They're clearly horribly misaligned
with my values.

------
ShakataGaNai
> thank the Let's Encrypt team for helping to bring it to a resolution.

Translation: Thank you LE team for sending the seething rage of internet
masses after us. We surrender.

------
ovt
Glad they gave up, but calling it collaboration and speaking of thanking is
silly bullshit.

~~~
josephb
Unless we see a statement from ISRG or LetsEncrypt, I'm going to assume
"collaboration" means capitulation in the face of Internet pitchforks :)

------
davidgerard
We are switching our Comodo certs over to Let's Encrypt because certain old
Android versions we have to support work with LE certs but not with Comodo.
Particularly important for APIs.

The 90 day expiry is a bit of a faff, but we've _mostly_ automated it using
acme.sh and automated DNS edits, and now we just need load balancer access (we
just moved to new hosts). LE is a godsend and fully up to commercial use in
our experience.

After this, there is no way on earth we're giving Comodo money again. I would
rather pay Thawte than these bozos.

~~~
technion
I've dealt with this issue for years.

Comodo certs have two possible chains. If you want to be supported by older
Android (and older iOS) devices, you needed to configure your server to hand
out the longer of the chains. When you buy a cert, this is not the chain they
will recommend.

This is easy under Linux if you can find the right certs, a huge PITA if
you're on IIS.

They do an incredibly poor job of documenting this or informing their support
on how to address it.

~~~
davidgerard
We switched to Let's Encrypt literally because of this, so that's a direct
penalty for their stupidity on this one ;-)

Do you know a writeup anywhere of the cert chain issue? (I ask for idle
amusement, no way we're going back to them.)

Oh, and when I say "fully up to commercial use", we plan to use LE certs for
our dev instances too (so we're SSL at all stages of development).

~~~
technion
No write up anywhere that I ever found. The best investigative tool is the
SSLLabs SSL test, which will show you both possible paths from the cert. By
looking at which certificates that test shows the server provided, you can
divine which path things are going to take.

If you find yourself landing at a root CA which is newer and not trusted by as
many devices, those devices won't intelligently realise it's cross-signed,
unless you switch the certs the server offers to send them up that path.

------
viraptor
I'll never be sure if this is true, but it will be in my memory... User
robinalden is the CTO, who I tweeted ~2h before the response was posted
([https://twitter.com/viraptor/status/746138644537237504](https://twitter.com/viraptor/status/746138644537237504)).
Given that he only posted 13 times on those forums, I hope I actually caused
him to ask Melih what he's doing :)

------
dsr12
Let's Encryption updated their blog post:

"Update, June 24 2016

We have confirmed that Comodo submitted Requests for Express Abandonment for
all three trademark registration applications in question. We’re happy to see
this positive step towards resolution, and will continue to monitor the
requests as they make their way through the system.

We’d like to thank our community for their support."

------
skywhopper
Alas, it's too late to save the business they lost forever from my company and
others who switched our business to another provider literally yesterday.
Thanks Comodo, for letting us know you are not a company we wish to do
business with.

------
ocdtrekkie
It's amazing how a bit of bad press can expedite such matters. :) Nice try,
Comodo, better luck next time.

~~~
criddell
Even if you forgive them for this, there's plenty of other reasons to dislike
Comodo.

~~~
Rantenki
There: [http://www.myce.com/news/comodo-ships-ad-injecting-https-
int...](http://www.myce.com/news/comodo-ships-ad-injecting-https-intercepting-
adware-worse-lenovos-superfish-75063/) Sure:
[http://www.infoworld.com/article/2623829/authentication/weak...](http://www.infoworld.com/article/2623829/authentication/weaknesses-
in-ssl-certification-exposed-by-comodo-security-breach.html) Are:
[http://dottech.org/10032/paying-a-price-to-use-free-
software...](http://dottech.org/10032/paying-a-price-to-use-free-software-the-
dark-side-of-comodo-products/)

------
ausjke
Never used Comodo, and never will.

Beside abusing the legal system, there is something else called right and
wrong by common sense. A CEO does not get that really should try a different
job.

------
jtokoph
Too late for me. Already renewed my expiring certs elsewhere yesterday.

~~~
oolongCat
I wonder if several hundred people like youself had anything to do with their
"express" abandonment.

------
technion
It's a statement made by what appears to be a new employee, who earlier on in
that thread appeared to contradict their CEO.

Melih's arguing on that thread has reached the level of trollbait.

------
diegorbaquero
Still, will never buy from them again.

~~~
tommoor
Yup, that reply from the CEO alone is enough for me to never want to buy a
cert from Comodo again.

------
tetrep
Why do I see this post as "[flagged]"?

~~~
woodman
This happened on the other link to their message board, and it doesn't
surprise me - the CEO has plopped himself in the middle of a very charged
issue, making it difficult to discuss the issue without it getting personal.
HN is great, due in large part to the moderators knowing what they're doing,
but a little more transparency on flagging would be nice (like @dang's unlink
and retitle messages). This sort of thing is only going to become more
important as information manipulation in old media becomes less effective on
people who form their opinions in places like this.

------
pmontra
A wise decision to limit losses and a face saving statement. They shouldn't
have started this, hopefully a lesson for other companies.

------
56k
"the trademark issue is now resolved", amazing.

They clearly wanted to put them out of business because they see them as a
competitor!

------
stanislavb
HackerNews has won!

~~~
nojvek
not really, hn still uses certs from comodo. cloudflare still uses certs from
comodo. cloudflare and hn dropping comodo would have been close to a win

------
ComodoHacker
OK, I won't change my nick to ComodoPhacker this time as I planned to.

Does anyone know a good free alternative to their Comodo Internet Security
product? I know there are plenty of free AV products, but I also use its
firewall and HIPS features, especially detailed logging.

