Entrust gets a gold start next to their name in my vendor contact list.
Earlier this week, Entrust called. Not to sell us anything, but rather to advise us that we had a couple of SSL certs that were generated by the non-random Debian SSL package. That's pretty decent of them. But not only did they call, they made sure that we we understood the problem, they sent us a follow up e-mail with the details, and made sure we got the e-mail.
Microsoft recently did something similar with all of it's 'Premier' customers. In our case, for one of the nastier Windows vulnerabilities a few years ago, our Microsoft Technical Account manager called us, explained the problem, advised us how to mitigate and patch, and sent follow up e-mails and tracked our patching progress at 6 or 8 hour intervals with e-mails and phone calls until we were patched.
I like it when vendors are watching out for customers.
Compare that to the Network Solutions/Comcast domain fiasco. Or read Amrit Williams thoughts on trust and responsibility between providers and customers.