begin quoting [EMAIL PROTECTED] as of Fri, Dec 01, 2006 at 11:38:49AM -0800: > On Thu, Nov 30, 2006 at 04:20:35PM -0800, James G. Sack (jim) wrote: > > Whom do you trust? Not a trivial problem, is it? > > Well then I'm not sure our flawed universal PKI system has accomplished > *anything* !!!
It generated a lot of code and a number of papers. :) > If you *don't* use PKI (SSL) then you have certain vulnerabilities. > > If you use our current flawed universal PKI (SSL) system then you have > different vulnerabilities. > > Either way you have vulnerabilities. So what has PKI / SSL done for us? Made the attackers spend a lot more energy, time, and money in order to attack us. There is no panacea, only mitigation. -- _ |\_ \| -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
