[Cryptography] "Trust in digital certificate ecosystem eroding"
Ben Laurie
ben at links.org
Fri May 1 05:08:33 EDT 2015
On 30 April 2015 at 23:34, Andreas Junius <andreas.junius at gmail.com> wrote:
> I for example know exactly that I'll never need to trust TURKTRUST, because
> I don't know Turkish.
This idea is attractive, but incorrect. All CAs are empowered to issue
certs for all domains. Although its likely that most certs issued by
Turktrust are indeed for Turkish sites, it is by no means guaranteed
to be true for all. What's more, Turks do speak English, amazingly, so
even Turkish sites might be useful to English speakers.
More information about the cryptography
mailing list