[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

The state-level attack on the SSL CA security model

Subject: The state-level attack on the SSL CA security model
From: rdobbins at arbor.net (Dobbins, Roland)
Date: Fri, 25 Mar 2011 13:25:49 +0000
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>

On Mar 25, 2011, at 5:21 PM, Florian Weimer wrote:

> I can't see how a practice that is completely acceptable at the root certificate level is a danger so significant that state-secret-like
> treatment is called for once end-user certificates are involved.

Again, I don't know enough about what happened to form an opinion one way or another.  I'm just setting forth some reasons which spring to mind for not announcing this immediately, that's all.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

		The basis of optimism is sheer terror.

			  -- Oscar Wilde

References:
- The state-level attack on the SSL CA security model
  - From: millnert at gmail.com (Martin Millnert)
- The state-level attack on the SSL CA security model
  - From: rdobbins at arbor.net (Dobbins, Roland)
- The state-level attack on the SSL CA security model
  - From: joakim at aronius.se (Joakim Aronius)
- The state-level attack on the SSL CA security model
  - From: rdobbins at arbor.net (Dobbins, Roland)
- The state-level attack on the SSL CA security model
  - From: fweimer at bfk.de (Florian Weimer)
- The state-level attack on the SSL CA security model
  - From: rdobbins at arbor.net (Dobbins, Roland)
- The state-level attack on the SSL CA security model
  - From: fweimer at bfk.de (Florian Weimer)

Prev by Date: Nortel, in bankruptcy, sells IPv4 address block for $7.5 million
Next by Date: Google Geolocation
Previous by thread: The state-level attack on the SSL CA security model
Next by thread: The state-level attack on the SSL CA security model
Index(es):
- Date
- Thread