Update on Comodo Dragon and Let’s Encrypt


Background: Beginning with version 57, Comodo’s browser Dragon has marked any connection secured by LE as affirmatively not secure, without explaining why, or giving the user any advice.

It has been brought up a few times on Comodo’s forum, but never explained. When Dragon 68 beta was released, I asked again, and got the answer that the issue would be fixed in Dragon 68. Yesterday, said version was released, and now it looks like this:


This is how all valid and trusted DV-certificates look in Dragon.


Interesting. Does it show the orange shield for all major sites using DV?

Based on some HN comments I believe the plan of some mainstream browsers is to remove the visual cues differentiating DV and OV/EV certificates. Not surprising given its commercial interest that Comodo chooses to do the opposite, but I guess we’ll see what wins in the end.

1 Like

Yes, DV-certificates from all CAs are now treated equally.

Comodo is a member of CASC, who…

…who is… what? Trying to stage a coup in the CA/Browser forum? Trying really hard to devalue DV certs, at a minimum.

Trying to make EV and OV look relevant, when browsers, beginning with Chrome, do the opposite.

Well, I think Comodo’s pretty established themselves as a bad actor, between the incessant FUD against Let’s Encrypt, and their attempt to trademark “Let’s Encrypt” a couple of years back. At least here they aren’t singling out LE, but I guess they, along with a few other CAs, are trying to persuade the CA/B forum to change how they handle DV vs. OV certs.

Though I’m not sure it’s a bad thing to distinguish DV from OV certs in the browser UI, doing so in a way that suggests DV is bad isn’t likely to fly.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.