On 2011-12-04 18:18, Ondrej Mikle wrote:
Hypothetical question: assume enough people get educated how to spot the MitM
box at work/airport/hotel. Let's say few of them post the MitM chains publicly
which point to a big issuing CA. It was said (by Peter I think) that nothing
would likely happen to big issuing CAs (too-big-to-fail). Would the MitM-ing
sub-CAs take the fall? (lose license and invested funds)

You think too small. We should be trying to replace PKI, not particular badly behaved bits of the PKI infrastructure.

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to