[Cryptography] hard to trust all those root CAs
Russ Nelson
nelson at crynwr.com
Tue Jul 22 19:59:10 EDT 2014
Jerry Leichter writes:
> On Jul 19, 2014, at 5:03 PM, John Denker <jsd at av8n.com> wrote:
> > SSL "packet inspection" is an article of commerce. The fact that
> > this is even remotely possible tells me that SSL fails to provide
> > the thing I most want it to provide.
> > https://www.google.com/search?q=%22ssl+packet+inspection%22
> This is an "it depends" situation.
Crypto without a threat model is like cookies without milk. Keep
saying it until it becomes second nature to specify the threat model.
--
--my blog is at http://blog.russnelson.com
Crynwr supports open source software
521 Pleasant Valley Rd. | +1 315-600-8815
Potsdam, NY 13676-3213 | Sheepdog
More information about the cryptography
mailing list