[Cryptography] Certificates and PKI

Tony Arcieri bascule at gmail.com
Fri Dec 26 02:03:04 EST 2014

On Fri, Dec 19, 2014 at 4:38 AM, Jerry Leichter <leichter at lrw.com> wrote:

> If your goal is security against passive eavesdroppers - and, in
> particular, against "record everything" government agencies - then a
> self-signed certificate is as good as anything.
> If you want to defend against active MITM attacks, then you need a
> trustworthy certificate.  But as we all know, the current model of hundreds
> of equally-trusted CA's cannot possibly produce legitimate trust.

I was a fan of opportunistic encryption for awhile, but after seeing this,
it started to seem pretty silly to me:


So FUD about CAs aside, without some form of authentication, ISPs (or
anyone with a privileged network position) can and *are* automatically and
trivially stripping opportunistic encryption, rendering it effectively

Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141226/f3bde0f8/attachment.html>

More information about the cryptography mailing list