On Aug 27, 2011, at 10:31 AM, John Levine wrote: > TLS for session privacy is nice, but I find negligible value in a > little lock icon in my browser that means only that one of the several > dozen cert issuers configured into my browser, most of whom I've never > heard of, and many of whom aren't even the organization in the cert > name, signed something.
+1. IMO browser vendors have made TLS nearly useless for web browsing by including so many default CAs; some with dubious integrity, and a few with a demonstrated lack of integrity.
_______________________________________________ Ietf mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf
