On Tue, 22 Mar 2011 19:05:00 +0100, Nicolas JEAN <[email protected]> wrote: > Hi all, > > A friend of mine sent me a link to this article (in French): > > http://www.rue89.com/2011/03/18/tunisie-microsoft-complice-de-la-censure-numerique-par-ben-ali-195693 > which accuses Microsoft of helping dictatorships to spy on their people > (too generous state SSL root kits in Internet Explorer).
About a year ago there were discussions on a similar topic after Mozilla accepted the China Internet Network Information Center (CNNIC) as a root CA in Firefox and its other products: see http://lwn.net/Articles/372264/ or https://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl for details. So this is really nothing new. And the issue is certainly not specific to Microsoft, it's really about trust in the CAs whose certificates are bundled with every browser (hey, I just checked on my laptop: Google has its own root CA, as well as Japan, as well as AOL, as well as VeriSign, as well as the Brazilian government, as well as VISA... and they are all in the ca-certificates package). And this is why many people are now seeking alternatives to CAs altogether (for example by storing SSL certificates in DNS records), or just not using them anymore (https://blog.torproject.org/blog/life-without-ca). Which, in my opinion, is much more relevant than just blaming Microsoft for doing the same thing as everyong else. -- Regards, Thomas/Schnouki
pgpMiBUg0MUus.pgp
Description: PGP signature
_______________________________________________ Discussion mailing list [email protected] https://mail.fsfeurope.org/mailman/listinfo/discussion
