[138981] in North American Network Operators' Group
Re: The state-level attack on the SSL CA security model
daemon@ATHENA.MIT.EDU (Franck Martin)
Thu Mar 24 17:39:29 2011
X-Barracuda-Envelope-From: franck@genius.com
Date: Fri, 25 Mar 2011 09:39:16 +1200 (MHT)
From: Franck Martin <franck@genius.com>
To: Roland Dobbins <rdobbins@arbor.net>
In-Reply-To: <67A80530-F81B-41B7-A7B3-5B1131A8F8C4@arbor.net>
Cc: nanog group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
----- Original Message -----
> From: "Roland Dobbins" <rdobbins@arbor.net>
> To: "nanog group" <nanog@nanog.org>
> Sent: Friday, 25 March, 2011 9:33:27 AM
> Subject: Re: The state-level attack on the SSL CA security model
> On Mar 24, 2011, at 6:41 PM, Florian Weimer wrote:
>
> > Disclosure devalues information.
>
>
> I think this case is different, given the perception of the cert as a
> 'thing' to be bartered.
>
Isn't there any law that obliges company to disclose security breaches that involve consumer data?
