[Cryptography] hard to trust all those root CAs

Lodewijk andré de la porte l at odewijk.nl
Sat Jul 19 17:28:02 EDT 2014


2014-07-19 23:03 GMT+02:00 John Denker <jsd at av8n.com>:

> (including the Hong Kong Post Office)


So far these people have been very reliable for me.

But, more seriously, nobody thinks SSL is a reasonable way to secure the
web. It's just the best people could think off.

Oh, and all the "people in charge" are in favor or not against it.

It does work against a /lot/ of threats. It's a pretty big deal when people
find a MITM that a  root cert helped with. Because releatively few people
can exploit a root cert (socially, politically, financially or just the
usual computer hacking way) it still helps (a lot) to have SSL. It also
means any attack that does work gets a lot more attention (is a lot more
high profile).

But, ultimately, a much better way is still unfound or unproduced.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140719/335f5e35/attachment.html>


More information about the cryptography mailing list