[19301] in cryptography@c2.net mail archive

Re: browser vendors and CAs agreeing on high-assurance certificates

daemon@ATHENA.MIT.EDU (James A. Donald)
Sun Dec 18 13:59:16 2005

X-Original-To: cryptography@metzdowd.com
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com,
	"Steven M. Bellovin" <smb@cs.columbia.edu>
Date: Sun, 18 Dec 2005 09:47:27 -0800
In-reply-to: <20051218052832.4D19B3C01AD@berkshire.machshav.com>

    --
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
> http://news.com.com/Browsers+to+get+sturdier+padlocks/2100-1029_3-5989633.html?tag=st.rn
>
> The article is a bit long-winded and short on details,

Typical marketing bullshit.

> but the basic message is simple: too many CAs have
> engaged in a price- and cost-driven race to the 
> bottom; there are thus too many certificates being 
> issued that aren't really trustworthy.

Has anyone been attacked through a certificate that 
would not have been issued under stricter security?  The 
article does not mention any such attacks, nor have I
ever heard of such an attack.

If no attacks, this is just an excuse for higher priced 
holy water, an attempt to alter the Browser interface to 
increase revenue, not increase security - to solve the 
CA's problem, not solve the user's problem.  

    --digsig
         James A. Donald
     6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
     9gZDh7SzUIydFOkZcwjeTnkd9RZt8ug2ixc7jGCB
     4m7NXA50DZoZI3WxvI4Fh8+c0l0CG/6GYiqtrMek7


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com