nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: The state-level attack on the SSL CA security model

From: Franck Martin <fmartin () linkedin com>
Date: Sat, 26 Mar 2011 04:21:12 +0000


On 3/26/11 15:36 , "Joe Sniderman" <joseph.sniderman () thoroquel org> wrote:


On 03/25/2011 11:12 PM, Steven Bellovin wrote:


On Mar 25, 2011, at 12:19 52PM, Akyol, Bora A wrote:


One could argue that you could try something like the facebook
model (or facebook itself). I can see it coming. Facebook web of
trust app ;-)


Except, of course, for the fact that people tend to have hundreds of
"friends", many of whom they don't know at all, and who achieved that
status simply by asking.  You need a much stronger notion of
interaction, to say nothing of what the malware in your "friends'"
computers are doing to simulate such interaction.


Then again there are all the "friend us for a chance to win $prize"
gimmicks... not a far jump to "friend us, _with trust bits enabled_ for
a chance to win $prize"

Yeah sounds like a wonderful idea. :P


Wasn't PGP based on a web of trust too?
Previous By Date Next
Previous By Thread Next

Current thread: