nanog mailing list archives

RE: Microsoft deems all DigiNotar certificates untrustworthy, releases updates


From: "Keith Medcalf" <kmedcalf () dessus com>
Date: Sun, 11 Sep 2011 13:00:09 -0600

Damian Menscher wrote on 2011-09-11:

Because of that lost trust, any cross-signed cert would likely be
revoked by the browsers.  It would also make the browser vendors
question whether the signing CA is worthy of their trust.

And therein is the root of the problem: Trustworthiness is assessed by what you refer to as the "browser vendors". Unfortunately, there is no Trustworthiness assessment of those vendors.

The current system provides no more authentication or confidentiality than if everyone simply used self-signed certificates. It is nothing more than theatre and provides no actual security benefit whatsoever. Anyone believing otherwise is operating under a delusion.

--- Keith Medcalf
()  ascii ribbon campaign against html e-mail
/\  www.asciiribbon.org





