On 2010-07-26, Perry E. Metzger wrote:
I think that you may be right -- the entire TLS PKI model may be so horribly broken that, once you no longer have any real security to speak of, simply sharing a cert among hundreds of trust domains hardly harms anything further.
I agree. But do we then have any quantitative research on how bad this sort of sharing really is, in excess of the basic cryptographic vulnerability? Does the social network research of recent years yield any numbers, for instance?
-- Sampo Syreeni, aka decoy - [email protected], http://decoy.iki.fi/front +358-50-5756111, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [email protected]
