[prev in list] [next in list] [prev in thread] [next in thread]
List: twsocket
Subject: Re: [twsocket] [OT] Re: SSL broken?
From: "Arno Garrels" <arno.garrels () gmx ! de>
Date: 2011-03-26 18:47:17
Message-ID: C702E4BBC7B74A3BA7C8C61D14DED600 () asus
[Download RAW message or body]
Tobias Rapp wrote:
> I guess the centralized trust model of SSL has been a known problem
> for ages. Don't understand why they try to make so much noise about
> it now.
Probably because it was a Government attack, those fraudulent
certificates have been already rejected. But wait ICS currently
doesn't support revocation lists, neither locally stored nor
dynamically over the internet.
> IMO the problem of the alternative model (web of trust) is
> that it lacks the "cash cow" properties and thus is less appealing to
> certificate authorities.
I do not agree, a secret service is able to get fraudulent certificates
from a web of trust as well. All they have to do is forge dokuments.
--
Arno Garrels
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic