Re: [twsocket] [OT] Re: SSL broken?

[Arno Garrels]

Tobias Rapp wrote:
> I guess the centralized trust model of SSL has been a known problem
> for ages. Don't understand why they try to make so much noise about
> it now. 

Probably because it was a Government attack, those fraudulent 
certificates have been already rejected. But wait ICS currently 
doesn't support revocation lists, neither locally stored nor 
dynamically over the internet.  

> IMO the problem of the alternative model (web of trust) is
> that it lacks the "cash cow" properties and thus is less appealing to
> certificate authorities. 

I do not agree, a secret service is able to get fraudulent certificates
from a web of trust as well. All they have to do is forge dokuments.  

-- 
Arno Garrels
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

[twsocket] [OT] Re: SSL broken?

[Tobias Rapp]

I guess the centralized trust model of SSL has been a known problem for ages.
Don't understand why they try to make so much noise about it now. IMO the
problem of the alternative model (web of trust) is that it lacks the "cash
cow" properties and thus is less appealing to certificate authorities.

Regards,
Tobias

--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be