None of them The threat we should be interested in at this point is the following:
* Bad thing happens to user of the Internet. On Thu, Jan 19, 2012 at 6:36 PM, Paul Hoffman <[email protected]> wrote: > The charter for this list says: "A number of people are interested in > discussing proposals that have been developed in response to recent attacks > on the Internet security infrastructure, in particular those that affected > sites using TLS and other protocols relying on PKI." > > Which attacks are we interested in? > > a) Attackers can get a trusted PKIX certificate due to errors on the part > of some CAs that are trusted by web browsers. > > b) Attackers can get a trusted PKIX certificate due to intentional laxness > on the part of some CAs that are trusted by web browsers. > > c) Attackers can issue certificates that cause warnings in web browsers > that are often ignored and clicked through. > > The solution to each of these is different. > > --Paul Hoffman > > _______________________________________________ > therightkey mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/therightkey > -- Website: http://hallambaker.com/
_______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
