• 0 Posts
  • 5 Comments
Joined 1 year ago
cake
Cake day: September 27th, 2023

help-circle

  • The first report I looked at was Entrust refusing to revoke certs because their clients’ manual processes would make applying reissued certificates inconvenient.

    Quite fun reading, surprisingly - a mid thread revelation that they’d pulled the exact same shit 4 years ago, an attempt by Entrust to kill the issue because unattributed legal advice said they’d misreported the error. And then, just when their chutzpah seemed to be wearing everyone down, a good ‘fuck you’ from Apple forced them to revoke the certs after all.

    I’m not surprised Google had enough & yanked their license to print money.



  • I’m not sure how much money they’ll actually get from this.

    The (50,000 employee) company I worked for had very slow IT processes at the time, but when the licensing changed they treated it like a critical security vulnerability because of the amount of money involved: they very quickly migrated their software packages to include non-Oracle OpenJDK builds & rolled out an update to uninstall Oracle java from all PCs. And all server owners were given a deadline to migrate or start paying recovery costs.

    I imagined it’d be smaller organisations which would’ve sat on this issue.