[139023] in North American Network Operators' Group
Re: The state-level attack on the SSL CA security model
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Fri Mar 25 09:26:00 2011
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: nanog group <nanog@nanog.org>
Date: Fri, 25 Mar 2011 13:25:49 +0000
In-Reply-To: <82r59va73h.fsf@mid.bfk.de>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mar 25, 2011, at 5:21 PM, Florian Weimer wrote:
> I can't see how a practice that is completely acceptable at the root cert=
ificate level is a danger so significant that state-secret-like
> treatment is called for once end-user certificates are involved.
Again, I don't know enough about what happened to form an opinion one way o=
r another. I'm just setting forth some reasons which spring to mind for no=
t announcing this immediately, that's all.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
The basis of optimism is sheer terror.
-- Oscar Wilde
