subject:"\[cryptography\] fyi\: The weakest link in the chain\: Vulnerabilities in the SSL certificate authority system and what should be done about them"

Re: [cryptography] fyi: The weakest link in the chain: Vulnerabilities in the SSL certificate authority system and what should be done about them

2011-11-23 Thread ianG

On 23/11/11 11:11 AM, Peter Gutmann wrote: JeffH writes: Of possible interest: The weakest link in the chain: Vulnerabilities in the SSL certificate authority system and what should be done about them It's not just NGOs that are seeing that browser PKI is "the weakest link in the chain". I

Re: [cryptography] fyi: The weakest link in the chain: Vulnerabilities in the SSL certificate authority system and what should be done about them

2011-11-22 Thread Peter Gutmann

JeffH writes: >Of possible interest: > >The weakest link in the chain: Vulnerabilities in the SSL certificate >authority system and what should be done about them It's not just NGOs that are seeing that browser PKI is "the weakest link in the chain". I was recently told of someone at a law work

[cryptography] fyi: The weakest link in the chain: Vulnerabilities in the SSL certificate authority system and what should be done about them

2011-11-22 Thread =JeffH

Of possible interest: The weakest link in the chain: Vulnerabilities in the SSL certificate authority system and what should be done about them [ An Access Policy Brief Regarding the Consequences of the DigiNotar breach for Civil Society and Commercial Enterprise. Discussion Paper for Comment N