[Cryptography] Facebook on the state of STARTTLS

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue May 20 08:01:47 EDT 2014


Phillip Hallam-Baker <phill at hallambaker.com> writes:

>Cost of a CA issued certificate = $50 /year [Comodo cheap SSL]
>
>Cost of finding a PKI consultant = $2,000
>Cost of a PKI consultant = $200/hr

You're using the wrong analogy there.  The PKI community (at least the small
bits of it that are grounded in the real world) has known for a decade or
more, and the rest of the world has discovered in the last year or so, that
beyond "make the browser warnings go away", the usefulness of PKI is pretty
limited, and in particular it doesn't protect you against any serious attack
unless you've had your PKI set up and evaluated and tested ad nauseam by
experts.  So a better analogy would be from the field of medicine:

>Cost of a CA issued certificate = $50 /year [Comodo cheap SSL]

Cost of a consult with Dr. Google and meds from an online pharmacy: $50.

>Cost of finding a PKI consultant = $2,000
>Cost of a PKI consultant = $200/hr

Cost of a consult with a medical specialist = $2,000.
Cost of treatment = $200/hr.

Which of those two would you choose to deal with your skin/lung/stomach
cancer?

(A quick Google indicates that you can actually buy homeopathic cancer cures,
see e.g. http://abchomeopathy.com/r.php/Carb-an.  It appears to top out at
about $25 though, not $50: http://www.abchomeopathy.com/shop.php.  Maybe they
can dilute it another 50% for the $50 version).

Peter.
