[Cryptography] replacing the whole sodding lot

Tom Ritter tom at ritter.vg
Tue May 5 02:17:55 EDT 2015

On 4 May 2015 at 19:09, ianG <iang at iang.org> wrote:
> One of the snarky predictions I made to the SSL/PKI/CA cabal when they
> refused to respond to security issues was that at some point the whole lot
> would be replaced.  It took a while, but there are now some green shoots.
> This is spectacularly good, and I will say that all of the nasty things I've
> said about this company are forgiven.  I'll still say them, but ALL is

You can like QUIC as a TLS-replacement... but it doesn't change PKI.
It's still rooted in CAs (modulo certificate pinning.)



More information about the cryptography mailing list