On Sun, 12 Feb 2012, Jeffrey Walton wrote:
(2) Did the other end of the SSL/TLS tunnel also agree to be monitored?
Ding!
Yes, that is the key - and was the key the first time we visited this
subject a few months ago.
When all is said and done, and Jane Doe cube peasant signs away her
On Thu, 1 Mar 2012, Jeffrey Walton wrote:
On Thu, Mar 1, 2012 at 10:27 PM, Steven Bellovin s...@cs.columbia.edu wrote:
http://www.scmagazine.com.au/News/292189,nsa-builds-android-phone-for-top-secret-calls.aspx
makes for interesting reading. I was particularly intrigued by this:
Let's assume hardware is zero ... it's a really variable cost, so I assume
(correct me if I'm wrong) that it is a trivial cost compared to legal and
audit costs, etc.
So what does it cost to start a root CA, get properly audited (as I see
the root CAs are) and get yourself included into,
On Fri, 4 Jan 2013, yersinia wrote:
Finally, it seems to me that since there re so few root CAs (~30 ?) and the
service provided is such an arbitrary, misunderstood one, that existing CAs
would be actively trying to prevent new entrants ... and establish
themsevles as toll collectors with a
On Fri, 4 Jan 2013, Greg Rose wrote:
You could ask the folks at CAcert... I imagine Ian Grigg will also chime
in. Certification costs a lot, and as you have observed, the incumbents
try very hard to keep you out. Despite some reasonable sources of
funding, CAcert still didn't succeed.
Jon,
Many thanks for this very informative post - really appreciated.
Some comments, below...
On Sat, 5 Jan 2013, Jon Callas wrote:
Now that $250K that I spent got an offline root CA and an intermediate
online CA. The intermediate was not capable of supporting workloads that
would make