Hi, [The EFF's count]
>> You can't calculate the number of CAs the way the EFF tried to. An >> intermediate certificate does not equate to a CA. Pretending it does to >> peddle an alternative PKI scheme calls into question their veracity. >> > > I disagree strongly. I have an intermediate certificate. I am as > powerful CA as a result. > Please also see these estimates which are even higher: > > https://zakird.com/slides/durumeric-https-imc13.pdf > > "Identified 1,832 CA certificates belonging to 683 organizations" > "311 (45%) of the organizations were provided certificates by > German National Research and Education Network (DFN) " I was there at IMC and spoke with Zakir. He was not aware of the fact that the private keys to all the intermediate certificates are held by the central DFN Verein, not the RAs themselves. In the case of DFN, the intermediate certs only identify the RAs. The RAs do not carry signing power. It is the same at TUM, where I work, BTW. Ralph -- Ralph Holz I8 - Network Architectures and Services Technische Universität München http://www.net.in.tum.de/de/mitarbeiter/holz/ Phone +49.89.289.18043 PGP: A805 D19C E23E 6BBB E0C4 86DC 520E 0C83 69B0 03EF _______________________________________________ therightkey mailing list therightkey@ietf.org https://www.ietf.org/mailman/listinfo/therightkey
