On Mon, 2012-02-13 at 15:22 -0800, Kyle Hamilton wrote: > On Mon, Feb 13, 2012 at 3:16 PM, Chris Palmer <[email protected]> wrote: > > On Mon, Feb 13, 2012 at 3:08 PM, Kyle Hamilton <[email protected]> wrote: > > For network operators wanting to MITM their own client devices, the > > solution is simple: install the MITM certificate as a trusted root > > certificate at the time the device is provisioned (and/or in later > > updates). Windows GPOs, for example. > > > > There is no need for such operators to get or use a *public* authority > > for this purpose. Everybody wins; what's the problem? > > Do you have any idea how hard some software (*cough*Firefox*cough*) currently > makes it to provision trust anchors for anything, much less anything > resembling this purpose? Do you have any idea how much it costs to > indoctrinate someone into the peculiar worldview where X.509 actually makes > sense?
Solutions be plentiful, according to my <5 min evaluation of some search results.* /M * https://duckduckgo.com/?q=firefox+windows+group+policy&kp=-1
signature.asc
Description: This is a digitally signed message part
_______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
