On 08/05/2013 04:45 PM, Richard Pieri wrote:
You're assuming that the NSA needs to crack everything. I'm assuming that they have master keys for the public certificate authorities.
That doesn't give them session keys for communications. And they don't have a private key that they don't have. A self-signed certificate is still good. And though a commercially certificate can be spoofed, when Verisign signs a certificate, the private key is not magically produced.
-kb _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
