What troubles me is that no one has tried actually looking for sites that use this cert. If any valid sites are signed using this cert, then it's a simple matter of asking them who they paid for certification.
It's of course harder to prove that NO sites use this cert. If there's a way to craft a Google query that searches for sites signed by a particular cert, that could go some distance to indicating whether it's been used and where.
It's of course harder to prove that NO sites use this cert. If there's a way to craft a Google query that searches for sites signed by a particular cert, that could go some distance to indicating whether it's been used and where.