[liberationtech] Another CA Compromise: TurkTrust
Ruben Bloemgarten
ruben at abubble.nl
Thu Jan 3 17:26:30 PST 2013
Nadim,
I think it's about time to have CAs be peer-accredited institutes
(EFF/Tor/Access Now/my brother's sister's cousin/whoever) issuing free
or at least at-cost certs. That being said, I don't think certs are very
good at preventing MITM anyway; that might be the case if a majority of
users would have the wherewithal for a more realistic reaction than "ooh
red/green is bad/good", and even then. Love SSL, don't really care about
certs. So yes, let's dump "trust me, I've been certified" in favor of
"you don't know who I am, but only we know what we're telling each other."
- Ruben
On 01/04/2013 02:09 AM, Nadim Kobeissi wrote:
> Another CA has been found issuing SSL certificates for Google services.
> Mozilla has acted on the
> issue: https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/
>
> The weird thing is that it's starting to appear less and less crazy to
> just get rid of the CA system and replace it with… nothing. What do you
> guys think?
>
> NK