[139061] in North American Network Operators' Group
Re: The state-level attack on the SSL CA security model
daemon@ATHENA.MIT.EDU (Joe Sniderman)
Fri Mar 25 23:37:20 2011
Date: Fri, 25 Mar 2011 23:36:12 -0400
From: Joe Sniderman <joseph.sniderman@thoroquel.org>
To: nanog@nanog.org
In-Reply-To: <41AF4E08-178B-4462-A9EC-6FFAE199340B@cs.columbia.edu>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 03/25/2011 11:12 PM, Steven Bellovin wrote:
>
> On Mar 25, 2011, at 12:19 52PM, Akyol, Bora A wrote:
>
>> One could argue that you could try something like the facebook
>> model (or facebook itself). I can see it coming. Facebook web of
>> trust app ;-)
>>
> Except, of course, for the fact that people tend to have hundreds of
> "friends", many of whom they don't know at all, and who achieved that
> status simply by asking. You need a much stronger notion of
> interaction, to say nothing of what the malware in your "friends'"
> computers are doing to simulate such interaction.
Then again there are all the "friend us for a chance to win $prize"
gimmicks... not a far jump to "friend us, _with trust bits enabled_ for
a chance to win $prize"
Yeah sounds like a wonderful idea. :P
--
Joe Sniderman <joseph.sniderman@thoroquel.org>
