What's going on at StartSSL?

This morning, security researcher Ivan Ristic (@ivanristic) asked Eddy Nigg (@eddy_nigg) for an explanation of the June 15 incident involving StartSSL that left their service offline for several days. Previously, the company had issued a statement that read:

"Subscribers and holders of valid certificates are not affected in any form. Visitors to web sites and other parties relying on valid certificates are not affected. We apologize for the temporary inconvenience and thank you for your understanding."

Given that it is now August 8th, it seems reasonable to expect an explanation of what happened at StartSSL during this incident. What Ivan received instead was a founder running short on public disclosure. The exchange, which you can read starting here, goes back and forth, finally ending with a challenge to Ivan stating:

"@ivanristic I challenge you to find ONE valid certificate that isn't compliance with our policies or vendor requirements issued by StartCom."

What's going on at StartSSL, and why isn't there a full public disclosure about the events surrounding the June 15th incident?