The state-level attack on the SSL CA security model

Franck Martin franck at genius.com
Thu Mar 24 21:39:16 UTC 2011



----- Original Message -----
> From: "Roland Dobbins" <rdobbins at arbor.net>
> To: "nanog group" <nanog at nanog.org>
> Sent: Friday, 25 March, 2011 9:33:27 AM
> Subject: Re: The state-level attack on the SSL CA security model
> On Mar 24, 2011, at 6:41 PM, Florian Weimer wrote:
> 
> >  Disclosure devalues information.
> 
> 
> I think this case is different, given the perception of the cert as a
> 'thing' to be bartered.
> 

Isn't there any law that obliges company to disclose security breaches that involve consumer data?




More information about the NANOG mailing list