Not surprisingly, none of the suggestions below benefit the consumer or individual. Perhaps they should just use GPL like verbiage - "not fit for any use".
"Enterprise can't rely on encrypted communications anymore, but corporate counsel can champion a fix" http://www.law.com/jsp/cc/PubArticleCC.jsp?id=1202517008883&From_the_Experts_SSL_Hacked "With respect to the enterprise's public-facing website and SSL portal for its customers, corporate counsel and IT should determine: (i) whether the "subscriber agreement" between the enterprise and the CA adequately protects the enterprise; (ii) the identity and reliability of the relevant RAs used by the CA; (iii) the types of audit policies the CA follows; (iv) whether the CA has been the subject of prior exploits; (v) the types of statements made by the enterprise in its Terms and Conditions of Use regarding the supposed reliability of SSL; (vi) whether the addition of better disclaimers is needed; and (vii) the nature and extent of the CA's insurance coverage." _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
