[Cryptography] distrusted root CA: WoSign
Georgi Guninski
guninski at guninski.com
Mon Oct 3 13:35:21 EDT 2016
On Mon, Oct 03, 2016 at 02:54:45AM +0000, Peter Gutmann wrote:
> Right, and that's the standard excuse for PKI, "it's not guaranteed to do
> anything, and that's exactly what it does". So why are we paying millions?
> billions? of dollars a year for it then? It's pure snake oil [0].
>
...
> [0] Again, this may be a bit of a difficult claim to substantiate, because
> snake oil at least claims to solve all manner of problems, while PKI
> just is. As Ben rightly points out, it doesn't address phishing, it
> doesn't address malware, it doesn't... Perhaps we should paraphrase
> Pauli to say that "it's not even snake oil".
Can the people (aka sheeple) do anything to change the CA/vendor situation
(possibly screwing the CAs/vendors with a chainsaw)?
More information about the cryptography
mailing list