The CA community is complex and nuanced, particularly given the issuance of certificates in a multitude of environments and devices. We’ve been reminded of that fact again this week by confusion over an intermediate CA used by Blue Coat. Companies often have their own intermediate CA so they can issue certificates only for their organization, which was the case for Blue Coat. These types of certificates are often used for testing purposes and usually are discarded once the tests are completed. When we issue an intermediate CA, our protocols state that Symantec maintains full control of the private key. That’s exactly what took place with Blue Coat. The company never had access to the private key and speculation that Blue Coast was issuing public certificates for other organizations is incorrect. Like any topic that is complex, it’s easy for things to get misconstrued. This was a routine CA request and nothing more.
Twitter カードのスタイル:
summary