[Cryptography] The EFF 650 CAs lie

jamesd at echeque.com jamesd at echeque.com
Sat May 2 06:09:03 EDT 2020


On 2020-05-01 03:49, Phillip Hallam-Baker wrote:
> Oh yes and that business of me working for a 'for profit' CA. That has not
> been true for well over a year. At this point it is now the EFF that is in
> a position to profit greatly from the situation they helped create. Lets
> Encrypt is probably worth in the region of half a billion dollars.
> 
> Oh! Oh! people shout. But Lets Encrypt is 'not for profit'.

LetsEncrypt made an excruciatingly painful process dead easy, and put 
control into the hands of those who should have control.

LetsEncrypt deserves half a billion dollars.  The rest mostly deserve 
jail time.

How does LetsEncrypt get that from providing a free service?

The basic problem with certificates is that a very large number of 
entities can cook up a man in the middle certificate.  Have man in the 
middle certificates been observed in the wild?



More information about the cryptography mailing list