[Cryptography] "Trust in digital certificate ecosystem eroding"
Hanno Böck
hanno at hboeck.de
Fri May 1 14:29:28 EDT 2015
On Wed, 29 Apr 2015 21:25:50 -0400
Jerry Leichter <leichter at lrw.com> wrote:
> Summary: The greater business world is starting to figure out just
> how untrustworthy today's CA system really is.
>
> http://www.fierceitsecurity.com/story/trust-digital-certicate-ecosystem-eroding/2015-04-28
Writing about CA problems and not mentioning HPKP and CT is kinda
strange...
I mean I wholeheartedly agree that there are many problems with CAs. I
just would like to ask people who write on that to recognize that
people have been trying to improve things. And some of these
improvements are available and usable.
If you're worried about CA problems use HPKP. It makes CA failures not
impossible, but much less likely.
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150501/686f7b78/attachment.sig>
More information about the cryptography
mailing list