[Cryptography] Chrome & Firefox protecting users against Symantec (Thawte, Verisign, Equifax, Geotrust, RapidSSL, etc) certs.
Salz, Rich
rsalz at akamai.com
Tue Sep 12 17:09:07 EDT 2017
- Previous message (by thread): [Cryptography] Chrome & Firefox protecting users against Symantec (Thawte, Verisign, Equifax, Geotrust, RapidSSL, etc) certs.
- Next message (by thread): [Cryptography] Chrome & Firefox protecting users against Symantec (Thawte, Verisign, Equifax, Geotrust, RapidSSL, etc) certs.
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
> (Side question: Why the heck did Symantec think it needed so many
> different names? When I see other companies playing shell games like
> that my first thought is money laundering.)
Because they bought other CA’s, who had previously in turn acquired yet another CA’s. The root keys are identified in a number of ways – name, key-hash, etc – and often embedded in systems that cannot be easily modified, if at all.
So while it might be nice to ‘clean up’ the naming tree and consolidate it, there are reasons to not do so and the strongest reason in favor is really little more than nerd aesthetics.
/r$
- Previous message (by thread): [Cryptography] Chrome & Firefox protecting users against Symantec (Thawte, Verisign, Equifax, Geotrust, RapidSSL, etc) certs.
- Next message (by thread): [Cryptography] Chrome & Firefox protecting users against Symantec (Thawte, Verisign, Equifax, Geotrust, RapidSSL, etc) certs.
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the cryptography
mailing list