Arshad Noor <[email protected]> writes:

>Just because you come across one compromised CA out of 100 in the browser,
>does not imply that the remaining 99 are compromised (which is what you are
>implying with your statement).

Since browser PKI uses universal implicit cross-certification, it is indeed
the case that if one CA is compromised, all are compromised.  So Ian is
correct in his assessment.

Peter.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to