ADMIN: end of latest SSL discussion
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Fri Dec 30 19:49:21 EST 2005
"Perry E. Metzger" <perry at piermont.com> writes:
>The latest round of "SSL and X.509 certs in browsers are broken" has gone on
>too long.
It's been a good start though. The first step towards recovery is admitting
that you have a problem...
Hi. My name is Peter and I have an X.509 problem. Initially it was just
small things, a little PKI after lunch, maybe a digital ID after dinner and a
small CRL as a nightcap. Then I discovered OCSP, and started combining low-
and high-assurance certificates. It just got worse and worse. In the end I
was experimenting with cross-certifying CAs and even freebasing trust
anchors. One morning I woke up in bed next to a giant lizard wearing a
Mozilla t-shirt and knew I had a problem.
It's now been six weeks since my last PKI...
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list