[Cryptography] distrusted root CA: WoSign

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sat Oct 1 05:12:01 EDT 2016


John Denker <jsd at av8n.com> writes:

>In general, why do we put up with this?  Why, why, why?

Because we have no choice.  What are you going to do in order to opt out, stop
using the web?  It's a totally captive market.

Note that things are run by the CA/Browser forum, not the CA/Browser/web site
operator/end user/customer forum.  The only people with a say in things are
the ones who are making money off the whole racket, and they aren't going to
do anything to change the status quo.

Peter.


More information about the cryptography mailing list