On Sat, Sep 7, 2013 at 10:20 AM, Jeffrey I. Schiller <j...@mit.edu> wrote:
> One of the most obvious ways to compromise a cryptographic system is
> to get the keys. This is a particular risk in TLS/SSL when PFS is not
> used. Consider a large scale site (read: Google, Facebook, etc.) that
> uses SSL. The private keys of the relevant certificates needs to be
> literally on hundreds if not thousands of systems.

$5k USD to anyone one of the thousands of admins with access....

-Jim P.
The cryptography mailing list

Reply via email to