[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

The state-level attack on the SSL CA security model

Subject: The state-level attack on the SSL CA security model
From: bora at pnl.gov (Akyol, Bora A)
Date: Fri, 25 Mar 2011 08:36:12 -0700
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]>

What other choice does the public have? By locking them into the current trust model (for good or bad), the community has created this mess.

Is it far fetched to supplement the existing system with a reputation based model such as PGP? I apologize if this was discussed before.

-----Original Message-----
From: Dobbins, Roland [mailto:rdobbins at arbor.net] 
Sent: Thursday, March 24, 2011 3:28 AM
To: nanog group
Subject: Re: The state-level attack on the SSL CA security model

...
Unfortunately, the general public neither know, understand, or care about such things.  They happily click 'I Understand the Risks' or whatever the button says in their browsers of choice to accept self-signed certificates all the time.

...

Follow-Ups:
- The state-level attack on the SSL CA security model
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)

References:
- The state-level attack on the SSL CA security model
  - From: millnert at gmail.com (Martin Millnert)
- The state-level attack on the SSL CA security model
  - From: rdobbins at arbor.net (Dobbins, Roland)
- The state-level attack on the SSL CA security model
  - From: joakim at aronius.se (Joakim Aronius)
- The state-level attack on the SSL CA security model
  - From: rdobbins at arbor.net (Dobbins, Roland)

Prev by Date: Question about AS Origin changes
Next by Date: paypal and ipv6
Previous by thread: The state-level attack on the SSL CA security model
Next by thread: The state-level attack on the SSL CA security model
Index(es):
- Date
- Thread