SSL Browser Root Ubiquity – is it real?

I haven’t posted in a while, so this is a good post to revive this blog.

Just run across a post onVeriSign’s (now Symantec) blog.This is former Tim Callan’s SSL blog, was quite interesting to follow. However, Tim Callan left Symantec recently, so different people now write posts for it.

Regardless… Here is the post in question:  The SSL Blog – Online Security

First, I wanted to post a comment to that entry, but I couldn’t – blog engine told me that:

Your comment submission failed for the following reasons:
Text entered was wrong. Try again.

Doubt this is AI 🙂 just comments are broken in such funky way, so here is my response:

  1. You can’t say “more than 1 in 10 visitors to this site were being shown a message” based on “IE6 which still enjoys nearly 11% of worldwide browser market share” – you do not know what is the share of IE6 users on the site in question, it very well could be 0%.
  2. Going forward, new CAs will rise and they won’t have their new roots in old browsers – because there is no time machine to go back and put them in.
    This does not make those new CAs less trusted than the old ones.

I guess, Symantec does not like competition and uses every opportunity to poke at rivals.