One point: Most of the Iranian banks have bought SSL certification from TurkTrust.
Sent from my iPhone On 4 Jan 2013, at 01:41, Collin Anderson <[email protected]> wrote: > On Thu, Jan 3, 2013 at 5:26 PM, Ruben Bloemgarten <[email protected]> wrote: >> "you don´t know who I am, but only we know what we´re telling each other." > > So essentially you and Nadim are arguing that, since CAs fail some of the > time, we should get rid of the whole system and end up in the same position > -- where there is no trust in validating that the person talking to you is > actually who they say they are? > > Does anyone believe that users will actually understand the difference? > > > On Thu, Jan 3, 2013 at 5:26 PM, Ruben Bloemgarten <[email protected]> wrote: >> Nadim, >> >> I think its about time to have CA´s be peer accredited institutes >> (EFF/tor/access now/my brother´s sister´s cousin/ whoever) issuing free >> or at least at cost certs. That being said, I don´t think certs are very >> good at preventing mitm anyway, that might be the case if a majority of >> users would have the wherewithal for a more realistic reaction than "ooh >> red/green is bad/good", and even then. Love ssl, don´t really care about >> certs. So yes, lets dump "trust me, I´ve been certified" in favor of >> "you don´t know who I am, but only we know what we´re telling each other." >> >> - Ruben >> >> On 01/04/2013 02:09 AM, Nadim Kobeissi wrote: >> > Another CA has been found issuing SSL certificates for Google services. >> > Mozilla has acted on the >> > issue: >> > https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/ >> > >> > The weird thing is that it's starting to appear less and less crazy to >> > just get rid of the CA system and replace it with… nothing. What do you >> > guys think? >> > >> > NK >> > >> > >> > -- >> > Unsubscribe, change to digest, or change password at: >> > https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > >> >> -- >> Unsubscribe, change to digest, or change password at: >> https://mailman.stanford.edu/mailman/listinfo/liberationtech > > > > -- > Collin David Anderson > averysmallbird.com | @cda | Washington, D.C. > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
