[19298] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

browser vendors and CAs agreeing on high-assurance certificates

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sun Dec 18 10:43:41 2005

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: cryptography@metzdowd.com
Date: Sun, 18 Dec 2005 00:28:32 -0500

http://news.com.com/Browsers+to+get+sturdier+padlocks/2100-1029_3-5989633.html?tag=st.rn

The article is a bit long-winded and short on details, but the basic 
message is simple: too many CAs have engaged in a price- and 
cost-driven race to the bottom; there are thus too many certificates 
being issued that aren't really trustworthy.  A group of CAs and 
browser vendors have been meeting; they've agreed on a set of standards 
for certificates that represent more checking by the CA.  Browsers will 
be enhanced to display a different sort of notification -- for IE, a 
green address bar.  

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[19298] in cryptography@c2.net mail archive

browser vendors and CAs agreeing on high-assurance certificates

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)Sun Dec 18 10:43:41 2005

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sun Dec 18 10:43:41 2005