On 09/07/2011 02:34 PM, Fredrik Henbjork wrote:
http://www.globalsign.com/company/press/090611-security-response.html This whole mess just gets "better and better"...
What's interesting is how the attacker simply doesn't fit the expected motivations that SSL cert-based PKI was ever sold as defending against. The attacker says a lot of things, but I find this interesting: http://pastebin.com/GkKUhu35
P.S. In wikipedia of SSL, it should be added for future that I caused to remove SSL or CA system security model, I have a special idea for private communication via browsers which could be used instead
He wants credit for saving the world from PKI! - Marsh _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
