>>> protection from the NSA and other governments and companies >> _That_ protection was blown when the first wildcard cert was issued > If I own example.com and I get a cert for *.example.com how is that > insecure?
Because there is no technical difference between that and a cert for *.com or *.qc.ca: there is no way to tell, when presented with the cert, whether everything covered by it is under common administration. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML [email protected] / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Lynx-dev mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/lynx-dev
