On 18/06/11 8:16 PM, Marsh Ray wrote:
On 06/18/2011 03:08 PM, slinky wrote:
.... But we know there are still hundreds of "trusted" root CAs, many from governments, that will silently install themselves into Windows at the request of any website. Some of these even have code signing capabilities.
Hmmm... I'm currently working on a risk analysis of this sort of thing. Can you say more about this threat scenario?
iang _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
