A mighty fortress is our PKI
Sampo Syreeni
decoy at iki.fi
Mon Jul 26 22:40:07 EDT 2010
On 2010-07-26, Perry E. Metzger wrote:
> I think that you may be right -- the entire TLS PKI model may be so
> horribly broken that, once you no longer have any real security to
> speak of, simply sharing a cert among hundreds of trust domains hardly
> harms anything further.
I agree. But do we then have any quantitative research on how bad this
sort of sharing really is, in excess of the basic cryptographic
vulnerability? Does the social network research of recent years yield
any numbers, for instance?
--
Sampo Syreeni, aka decoy - decoy at iki.fi, http://decoy.iki.fi/front
+358-50-5756111, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list