On Tue, Jun 21, 2011 at 1:18 PM, Ian G <[email protected]> wrote: > On 18/06/11 8:16 PM, Marsh Ray wrote: >> >> On 06/18/2011 03:08 PM, slinky wrote: > >> .... But we know there are still hundreds of >> "trusted" root CAs, many from governments, that will silently install >> themselves into Windows at the request of any website. Some of these >> even have code signing capabilities. > > Hmmm... I'm currently working on a risk analysis of this sort of thing. Can > you say more about this threat scenario? http://www.eff.org/deeplinks/2010/08/open-letter-verizon http://www.slate.com/id/2265204/
Jeff _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
