On 6/01/13 09:48 AM, Ryan Sleevi wrote:
Perhaps it's this kind of thinking that leads to failed audits :)
It will, it does, and the information is readily available from the
previous post.
https://www.cabforum.org/Baseline_Requirements_V1_1.pdf Sections 14
through 16
Additionally,
Ben Laurie b...@links.org writes:
On Sat, Jan 5, 2013 at 1:26 PM, Peter Gutmann pgut...@cs.auckland.ac.nz
wrote:
In the light of yet another in an apparently neverending string of CA
failures, how long are browser vendors going to keep perpetuating this PKI
farce? [0]. Not only is there no
Certificate Transparency is a real security measure that is a response by a
browser vendor.
So the response to the repeated failure of browser PKI is PKI-me-harder.
Yeah, that's really going to make users safer.
I don't see why CT is PKI-me-harder. EV or BR would fall into that
category.
On Sun, Jan 6, 2013 at 1:15 PM, Peter Gutmann pgut...@cs.auckland.ac.nz wrote:
Ben Laurie b...@links.org writes:
On Sat, Jan 5, 2013 at 1:26 PM, Peter Gutmann pgut...@cs.auckland.ac.nz
wrote:
In the light of yet another in an apparently neverending string of CA
failures, how long are browser
Bitcoin based DNS? That would be Namecoin. I am unsure if it also manages
SSL or similiar link encryption or if that is a separate thing for the
scheme.
Den 6 jan 2013 08:27 skrev James A. Donald jam...@echeque.com:
On 2013-01-05 12:07 PM, Morlock Elloi wrote:
Correct. The cost of being CA is
On Fri, Jan 4, 2013 at 6:40 PM, d...@geer.org wrote:
you may have already seen this, but
http://www.bbc.co.uk/news/technology-20908546
Cyber thieves pose as Google+ social network
...
The fake ID credentials have been traced back to Turkish security
firm TurkTrust which mistakenly
Ben Laurie b...@links.org with:
a) I don't believe your figures,
Well I don't believe in the tooth fairy, but in this case you're going to have
to provide a more convincing rebuttal than I choose not to believe in this
inconvenient information.
I suspect you don't understand CT - perhaps you'd
On 2013-01-07 9:20 AM, Peter Gutmann wrote:
I'll update it as soon as browser PKI starts working (meaning that we have
real evidence that it's effectively preventing the sorts of things attackers
are doing, phishing and so on). Deal?
The fundamental cause of phishing is that it is so easy to
On Sat, Jan 5, 2013 at 4:23 PM, Jeffrey Walton noloa...@gmail.com wrote:
On Sat, Jan 5, 2013 at 3:59 PM, Ryan Hurst ryan.hu...@globalsign.com wrote:
In the future, we won't need their honesty. Or the 'honesty' they want
use to perceive.
Did anyone really think a CA would risk a
There are two long-term trends that might inform this argument.
1. Vendors have typically refused to improve the model of browser
security if it has involved changes to the model. There is a long
history of people providing suggestions, papers and code, and the
vendors have ignored them.
10 matches
Mail list logo