nanog mailing list archives
Re: LinkedIn password database compromised
From: -Hammer- <bhmccie () gmail com>
Date: Thu, 07 Jun 2012 15:31:38 -0500
Thank you for educating without insulting. Always professional Owen. It's appreciated.
-Hammer- "I was a normal American nerd" -Jack Herer On 6/7/2012 3:18 PM, Owen DeLong wrote:
A proper CA does not have your business or personal keys, they merely sign them and attest to the fact that they actually represent you. You are free to seek and obtain such validation from any and as many parties as you see fit. At no point should any CA be given your private key data. They merely use their private key to encrypt a hash of your public key and other data to indicate that your private key is bound to your other data. You trust DMV/Passport Agency/etc. to validate your identity in the form of your government issued ID credentials, right? That doesn't give DMV/Passport Agency/etc. control over your face, but, it does allow them to indicate to others that your face is tied to your name, date of birth, etc. Owen On Jun 7, 2012, at 1:04 PM, -Hammer- wrote:I gotta agree with Aaron here. What would be my motivation to "trust" an open and public infrastructure? With my business or personal keys? -Hammer- "I was a normal American nerd" -Jack Herer On 6/7/2012 2:37 PM, Aaron C. de Bruyn wrote:On Thu, Jun 7, 2012 at 12:24 PM, Owen DeLong<owen () delong com> wrote:Heck no to X.509. We'd run into the same issue we have right now--a select group of companies charging users to prove their identity.Not if enough of us get behind CACERT.Yet again, another org (free or not) that is holding my identity hostage. Would you give cacert your SSH key and use them to log in to your Linux servers? I'd bet most *nix admins would shout "hell no!" So why would you make them the gateway for your online identity? -A
Current thread:
- Re: LinkedIn password database compromised, (continued)
- Re: LinkedIn password database compromised Christopher Morrow (Jun 07)
- Re: LinkedIn password database compromised Randy Bush (Jun 07)
- Re: LinkedIn password database compromised Owen DeLong (Jun 07)
- Re: LinkedIn password database compromised Michael Hallgren (Jun 07)
- Re: LinkedIn password database compromised Randy Bush (Jun 07)
- Re: LinkedIn password database compromised Rich Kulawiec (Jun 08)
- Re: LinkedIn password database compromised Owen DeLong (Jun 07)
- Re: LinkedIn password database compromised Aaron C. de Bruyn (Jun 07)
- Re: LinkedIn password database compromised -Hammer- (Jun 07)
- Re: LinkedIn password database compromised Owen DeLong (Jun 07)
- Re: LinkedIn password database compromised -Hammer- (Jun 07)
- Re: LinkedIn password database compromised Matthew Kaufman (Jun 07)
- Re: LinkedIn password database compromised Owen DeLong (Jun 07)
- Re: LinkedIn password database compromised David Walker (Jun 07)
- Re: LinkedIn password database compromised Owen DeLong (Jun 07)
- Re: LinkedIn password database compromised Jimmy Hess (Jun 08)
- Re: LinkedIn password database compromised Aaron C. de Bruyn (Jun 08)
- Re: LinkedIn password database compromised Luke S. Crawford (Jun 08)
- Re: LinkedIn password database compromised Phil Pishioneri (Jun 13)
- Re: LinkedIn password database compromised Grant Ridder (Jun 13)
- Re: LinkedIn password database compromised AP NANOG (Jun 20)