So get this: the CEO of a Certificate Authority, which control the lock icon of your browser, sent >20k private keys via email, unencrypted. How hard can you show your incompetence and make clear that you had no place running that business in the first place?!?
@Kensan This mozilla.dev.security.policy thread is fun reading: https://groups.google.com/forum/m/#!msg/mozilla.dev.security.policy/wxX4Yv0E3Mk/QZt8UPhKAwAJ
especially the bit where the Trustico CEO gets all defensive and blustery and threatens legal action for... what, for Digicert complying with their request?