On Tue, Sep 6, 2011 at 13:01, Tim Evans <[email protected]> wrote: > If this is true, I find this absolutely unacceptable that a commercial CA > would run a system like this. Incredible > > > > http://computer-forensics.sans.org/blog/2011/09/06/diginotar-incident-response-report-no-logging-weak-password-no-protected-network
One more company that failed the rigors of the market, pursuing short term profits at the expense of longevity - or they could just be stupid. It might bid fair to put the final nails in the coffin of SSL. There are a lot of smart folks looking to make something that is more useful and trustworthy than these certs. Unfortunately, if, as seems likely, it was Iranian government agents behind this, it's probable that some people have been imprisoned, tortured or murdered as a result. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
