On Mon, Feb 22, 2010 at 3:06 PM, Cheng Renquan <[email protected]> wrote:
> On Thu, Feb 18, 2010 at 10:06 AM, Soh Kam Yung <[email protected]> > wrote: > > >From [ > http://www.freedom-to-tinker.com/blog/felten/mozilla-debates-whether-trust-chinese-ca > ]. > > Read also [http://lwn.net/Articles/372386/]. > > > > ===== > > Mozilla Debates Whether to Trust Chinese CA > > yes, CNNIC definitely cannot be trusted, > Dan Kaminsky made a comment to the article on February 18th, 2010 at 2:27 am.: > Do you really think that China's only now getting a "god mode" certificate? > > Go research GeoRoot, or any of the other "we'll sell you a full > intermediate if you promise to be nice" offerings. The CA system is broken for people who are concerned about that level of threat. I'm already able to generate a certificate with arbitrary subject dn that chains to a trusted CA . Surely those with resources of a state agency have been able to do at least as much for a longer time.
_______________________________________________ LUGS Mailing list - [email protected] List FAQ: http://wiki.lugs.org.sg/LugsMailingListFaq Info page: http://www.lugs.org.sg/mailman/listinfo/slugnet To unsubscribe send an empty email to: [email protected]
