Tobias Rapp wrote: > I guess the centralized trust model of SSL has been a known problem > for ages. Don't understand why they try to make so much noise about > it now.
Probably because it was a Government attack, those fraudulent certificates have been already rejected. But wait ICS currently doesn't support revocation lists, neither locally stored nor dynamically over the internet. > IMO the problem of the alternative model (web of trust) is > that it lacks the "cash cow" properties and thus is less appealing to > certificate authorities. I do not agree, a secret service is able to get fraudulent certificates from a web of trust as well. All they have to do is forge dokuments. -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be