It look like an attempt from Comodo CA to get the ability to impersonate another CA. Browsers should take actions to prevent that. A CA with such practice have no place in a trust store.
Update 25 June: It seems Comodo took the way to abandon that trademark. It’s a positive move to restore trust between CA.
It’s pretty obvious what Comodo is doing. Their business model is being threatened by something that is open and free. And they found something Let’s Encrypt (a non-profit) wouldn’t think to do and that’s register a trademark. They then exploited it to slow Let’s Encrypt down maliciously. The fact that they have to register a trademark in order to stop others from stealing the name even though they are a non-profit and are public benefit is another story. I don’t know why anyone would support Comodo unless they are paid or have a strong relationship with them not worth sacrificing. They’re trying to hurt something that is public benefit in a stupid obvious way. On top of that waste tax payers money through the courts.
The comments from the "paralegal with fair use experience" seem disingenuous, as US trademark law is largely based off active use of the name, and copyright is automatic. Neither of these rights need registration to enforce for something that began in 2014.
(I am not a lawyer; I am no longer affiliated with ISRG; This is amateur legal analysis I have received no training for)
Copyright and trademarks are two different things. Anyone who conflates the two and claims familiarity with the law should be suspect. Copyright is automatic, but I don't believe trademarks are in the same manner.
IANAL, but in my previous research, claiming a trademark through the use of "TM" common-law mark will get you some limited rights in the US, with much stronger rights for those marks that have been registered. I'm sure the LE legal council will give good advice on how to get things straightened out, although it's sad that time is having to be wasted on fighting what seems a bad-faith effort to create confusion and/or disadvantage a competitor.
comodo is great
"What they have is nothing new. We have been giving 90 day free certificates since 2007."
sorry but no.
looking it up:
it says
"Free SSL certificates are valid for 90 days and are limited to one issuance per domain."
so it is LITERALLY a trial of their certs.
LE takes free certs a lot more serious than comodo where these are just a trial, or also marketing.
From the comodo thread, from an alleged Comodo staff member:
With LE now being an operational business, we were never going to take
the these trademark applications any further. Josh posted a link to the
application and as of February 8th it was already in a state where it
will lapse.
Josh was wrong when he said we’d “refused to abandon our applications”. We just hadn’t told LE we would leave them to lapse.
but even if comodo decides now that they wanna run out, comodo COULD still backstab LE (e.g. if the CEO changes) so without a contract that ensures that comodo wont do anything like that I wouldnt be so sure.
It’s not clear, and though I understand the basics of trademark law, I’m not familiar with the detailed mechanics of the application process. The implication from that post is that once the application lapses, they’d have to start over from the beginning if they wanted to try it again. But still, it was a crappy move on their part to file it in the first place, and their whining about “they copied our 90-day-cert business model” is pretty pathetic.
Small (or rather big) update.
After the ceo and me derailed the thread there quite a bit (not my fault, he started) they filed for express abandonment.
Comodo’s move of filing for express abandonment, was proper (in my opinion), to show a good face to the public in that they are(trying to) not to appear as ‘dirty pool’ players.
If Commodo’s claim to have preceded Let’s Encrypt in issuing “free” SSL: certificates has any bearing on their assertion that they own the right to use the name “Lets Encrypt” - then maybe StartCom should bring their lawyers to the party.
StartCom have been issuing “free” SSL certificates since early 2005.
The only question I have is… is Darl Charles McBride consulting for Commodo now?
Darl McBride was the CEO of The SCO Group, who infamously sued IBM and Novell several years ago, claiming that Linux infringed on SCO’s Unix copyrights (which SCO didn’t own anyway).