[13616] in cryptography@c2.net mail archive
Re: An attack on paypal
daemon@ATHENA.MIT.EDU (John Gilmore)
Fri Jun 13 10:59:44 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: Anne & Lynn Wheeler <lynn@garlic.com>
Cc: "Steven M. Bellovin" <smb@research.att.com>,
cryptography@metzdowd.com
In-reply-to: <4.2.2.20030611192209.00c92c70@mail.earthlink.net>
Date: Thu, 12 Jun 2003 22:35:12 -0700
From: John Gilmore <gnu@toad.com>
> as in previous observations .... having a domain name owner register their
> public key in the internet registry (domain name infrastructure or
> ip-address registery) starts to lesson the requirement for having SSL
> domain certificates.
Yes; this is why (I think) VeriSign bought Network Solutions. Then no
matter who wins the tussle over which infrastructure certifies
peoples' keys, VeriSign will own it. Of course, canny spooks at SAIC
extracted billions of dollars from VeriSign for this privilege...after
extracting hundreds of millions from gullible public investors, and
extracting more from domain users via their official government
approved monopoly...
John
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
