Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Another CA Compromise: TurkTrust

Ruben Bloemgarten ruben at abubble.nl
Thu Jan 3 17:26:30 PST 2013


Nadim,

I think its about time to have CA´s be peer accredited institutes
(EFF/tor/access now/my brother´s sister´s cousin/ whoever) issuing free
or at least at cost certs. That being said, I don´t think certs are very
good at preventing mitm anyway, that might be the case if a majority of
users would have the wherewithal for a more realistic reaction than "ooh
red/green is bad/good", and even then. Love ssl, don´t really care about
certs. So yes, lets dump "trust me, I´ve been certified" in favor of
"you don´t know who I am, but only we know what we´re telling each other."

- Ruben

On 01/04/2013 02:09 AM, Nadim Kobeissi wrote:
> Another CA has been found issuing SSL certificates for Google services.
> Mozilla has acted on the
> issue: https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/
> 
> The weird thing is that it's starting to appear less and less crazy to
> just get rid of the CA system and replace it with… nothing. What do you
> guys think?
> 
> NK
> 
> 
> --
> Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 




More information about the liberationtech mailing list