Julien Pierre wrote:
Security is after all about the weakest link, what point is there
auditing CAs if you don't audit the hosts interacting with finacial
information after you send it over the net?
The point in auditing the CAs is that it's better than not auditing the
CAs at all.
It's not an absolute. There is no point in auditing
the CAs if it achieves little or nothing, in terms of
security, and costs money. The reason that Frank wrote
his policy on these points, presumably, is that it's
not clear that audits of CAs deliver value for money.
Certainly other attacks exist, but attacks on certificates are one
type of attacks that is possible. I agree that indeed Mozilla should
be reviewed for all types of attacks, not just crypto/certificates
attacks, but not that we should ignore crypto/certificates attacks.
And how often has it happened I think you'll find is his point, not
often if at all, they don't need to use ssl, just look at how much
money is lost every year to 419'ers
If that's his point, then I completely disagree with it. Just because
every other part of Mozilla does security reviews wrong (or not at all)
doesn't mean we also should do the same for the NSS and other security
components of Mozilla.
It's one of my points! Another of my points is
someone has to pay for it, even if it doesn't
happen. So, a good security view will ask, what's
the value for money here?
iang
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
