Search Mailing List Archives
[liberationtech] Another CA Compromise: TurkTrust
julian at julianoliver.com
Thu Jan 3 17:18:43 PST 2013
..on Fri, Jan 04, 2013 at 03:09:41AM +0200, Nadim Kobeissi wrote:
> Another CA has been found issuing SSL certificates for Google services.
> Mozilla has acted on the issue:
> The weird thing is that it's starting to appear less and less crazy to just
> get rid of the CA system and replace it with… nothing. What do you guys
This is where I like Moxie's approach with Convergence very much, albeit I
haven't had a whole lot of luck with it (in BETA) so far.
SSL/TLS is a fairly fundamental part of the transport layer infrastructure these
days - hard to shake it! But yes indeed, it's insane that we're trusting these
random companies to look after their end of the bargain, let alone the browsers
vendors that trust them in turn.
More information about the liberationtech