nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: The state-level attack on the SSL CA security model

From: "Akyol, Bora A" <bora () pnl gov>
Date: Fri, 25 Mar 2011 08:36:12 -0700
What other choice does the public have? By locking them into the current trust model (for good or bad), the community 
has created this mess.

Is it far fetched to supplement the existing system with a reputation based model such as PGP? I apologize if this was 
discussed before.


-----Original Message-----
From: Dobbins, Roland [mailto:rdobbins () arbor net] 
Sent: Thursday, March 24, 2011 3:28 AM
To: nanog group
Subject: Re: The state-level attack on the SSL CA security model

...
Unfortunately, the general public neither know, understand, or care about such things.  They happily click 'I 
Understand the Risks' or whatever the button says in their browsers of choice to accept self-signed certificates all 
the time.

...
Previous By Date Next
Previous By Thread Next

Current thread: