Re: [cryptography] if MitM via sub-CA is going on, need a name-and-shame catalog (Re: really sub-CAs for MitM deep packet inspectors?)

Fri, 02 Dec 2011 11:04:38 -0800 

On Fri, Dec 2, 2011 at 2:00 PM, ianG <i...@iang.org> wrote:
> On 3/12/11 03:36 AM, Ben Laurie wrote:
>>
>> On Fri, Dec 2, 2011 at 4:14 PM, ianG<i...@iang.org>  wrote:
>>>
>>> On 2/12/11 23:00 PM, Peter Gutmann wrote:
>>>>
>>>> I guess if you're running into this sort of thing for the first time
>>>> then
>>>> you'd be out for blood, but if you've been aware of this it going on for
>>>> more
>>>> than a decade then it's just business as usual for commercial PKI.  I'm
>>>> completely unfazed by it, it's pretty much what you'd expect.
>>>
>>>
>>> Wifebeating syndrome :)  I was aware of the claim of MITMing, but nobody
>>> offered proof and it sort of faded away under the cover of NDAs.
>>
>> Note that this is still the case :-)
>
>
> Which is the point of security by NDA :)
>
> Whoever said security by obscurity doesn't work?  Must have been on
> something.
:)
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to