Re: DNSSEC? Re: MITM in the wild

2008-11-15 Thread Florian Weimer
* Alaric Dailey: DNSSEC is an assertion of validity of the DNS. EV certs assert that the business behind the cert is legit. Only that a legal entity exists (whether it's legitimate is not checked). EV certificates are routinely issued to organizations which do not run the business which

Re: DNSSEC? Re: MITM in the wild

2008-11-15 Thread Eddy Nigg
On 11/15/2008 05:19 PM, Florian Weimer: * Alaric Dailey: DNSSEC is an assertion of validity of the DNS. EV certs assert that the business behind the cert is legit. Only that a legal entity exists (whether it's legitimate is not checked). EV certificates are routinely issued to

Re: DNSSEC? Re: MITM in the wild

2008-11-15 Thread Wes Kussmaul
Eddy Nigg wrote: On 11/15/2008 05:19 PM, Florian Weimer: * Alaric Dailey: DNSSEC is an assertion of validity of the DNS. EV certs assert that the business behind the cert is legit. Only that a legal entity exists (whether it's legitimate is not checked). EV certificates are routinely

Re: DNSSEC? Re: MITM in the wild

2008-11-15 Thread Eddy Nigg
On 11/15/2008 05:57 PM, Wes Kussmaul: Eddy Nigg wrote: On 11/15/2008 05:19 PM, Florian Weimer: * Alaric Dailey: DNSSEC is an assertion of validity of the DNS. EV certs assert that the business behind the cert is legit. Only that a legal entity exists (whether it's legitimate is not

Re: DNSSEC? Re: MITM in the wild

2008-11-15 Thread Paul Hoffman
At 8:20 PM +0200 11/15/08, Eddy Nigg wrote: Let's stay focused! This thread started off with a purported newbie having a problem with seeing self-signed certs where she shouldn't have. It then morphed into a discussion of security UI design. Then it went to what users should and should not be

Re: DNSSEC? Re: MITM in the wild

2008-11-15 Thread Eddy Nigg
On 11/15/2008 10:04 PM, Paul Hoffman: At 8:20 PM +0200 11/15/08, Eddy Nigg wrote: Let's stay focused! This thread started off with a purported newbie having a problem with seeing self-signed certs where she shouldn't have. It then morphed into a discussion of security UI design. Then it went

Re: DNSSEC? Re: MITM in the wild

2008-11-10 Thread Nelson Bolyard
Anders Rundgren wrote: I haven't followed this lengthy discussion in detail but I have for a long time wondered how DNSSEC and SSL-CA-Certs should coexist. Which one will be the most authoritative? Could DNSSEC (if it finally succeeds) be the end of SSL-CA-certs? DNSSEC only attempts to

Re: DNSSEC? Re: MITM in the wild

2008-11-10 Thread Eddy Nigg
On 11/10/2008 09:52 PM, Nelson Bolyard: Anders Rundgren wrote: I haven't followed this lengthy discussion in detail but I have for a long time wondered how DNSSEC and SSL-CA-Certs should coexist. Which one will be the most authoritative? Could DNSSEC (if it finally succeeds) be the end of

Re: DNSSEC? Re: MITM in the wild

2008-11-10 Thread Graham Leggett
Nelson Bolyard wrote: I haven't followed this lengthy discussion in detail but I have for a long time wondered how DNSSEC and SSL-CA-Certs should coexist. Which one will be the most authoritative? Could DNSSEC (if it finally succeeds) be the end of SSL-CA-certs? DNSSEC only attempts to

RE: DNSSEC? Re: MITM in the wild

2008-11-10 Thread Alaric Dailey
Subject: DNSSEC? Re: MITM in the wild I haven't followed this lengthy discussion in detail but I have for a long time wondered how DNSSEC and SSL-CA-Certs should coexist. Which one will be the most authoritative? Could DNSSEC (if it finally succeeds) be the end of SSL-CA-certs? Anders

Re: DNSSEC? Re: MITM in the wild

2008-11-10 Thread Paul Hoffman
At 11:52 AM -0800 11/10/08, Nelson Bolyard wrote: DNSSEC only attempts to ensure that you get the (a) correct IP address. s/only/only currently/ You can stick any data you want in the DNS. Currently the most popular data is the A record (IP address) associated with a domain name, but is it

DNSSEC? Re: MITM in the wild

2008-11-09 Thread Anders Rundgren
I haven't followed this lengthy discussion in detail but I have for a long time wondered how DNSSEC and SSL-CA-Certs should coexist. Which one will be the most authoritative? Could DNSSEC (if it finally succeeds) be the end of SSL-CA-certs? Anders