From what I can tell, they're only resellers, the companies that actually issue the certs are GeoTrust and Symantec.
In any case, I know it can and does happen, I just don't agree that it is "far from difficult". Having to hack an SSL provider is out of reach for the vast majority online thieves and casual snoopers.
Well yes, none of them would actually have their own name on said certs. But all of them had API access to make symantec or geotrust issue certs. End result is the same.
Having been involved in all of the hacks I linked, I wouldn't describe them as anything extraordinary.
Well yes, none of them would actually have their own name on said certs. But all of them had API access to make symantec or geotrust issue certs. End result is the same.
Last time I used a RapidSSL reseller, I had to authenticate my domain against a GeoTrust controlled page before the cert was issued. Is this not the case with WebNIC?
Is it? Please provide a cert for ycombinator.com. Thanks.