browser vendors and CAs agreeing on high-assurance certificates

James A. Donald jamesd at echeque.com
Sun Dec 18 12:47:27 EST 2005


    --
From: "Steven M. Bellovin" <smb at cs.columbia.edu>
> http://news.com.com/Browsers+to+get+sturdier+padlocks/ 
> 2100-1029_3-5989 633.html?tag=st.rn
>
> The article is a bit long-winded and short on details,

Typical marketing bullshit.

> but the basic message is simple: too many CAs have 
> engaged in a price- and cost-driven race to the 
> bottom; there are thus too many certificates being 
> issued that aren't really trustworthy.

Has anyone been attacked through a certificate that 
would not have been issued under stricter security?  The 
article does not mention any such attacks, nor have I
ever heard of such an attack.

If no attacks, this is just an excuse for higher priced 
holy water, an attempt to alter the Browser interface to 
increase revenue, not increase security - to solve the 
CA's problem, not solve the user's problem.  

    --digsig
         James A. Donald
     6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
     9gZDh7SzUIydFOkZcwjeTnkd9RZt8ug2ixc7jGCB
     4m7NXA50DZoZI3WxvI4Fh8+c0l0CG/6GYiqtrMek7


---------------------------------------------------------------------
The Cryptography Mailing List