Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

Michael Thomas mike at mtcc.com
Mon Sep 12 10:24:32 CDT 2011


Martin Millnert wrote:
> On Mon, Sep 12, 2011 at 5:09 PM, Michael Thomas <mike at mtcc.com> wrote:
>> And how long would it be before browsers allowed self-signed-but-ok'ed-using-dnssec-protected-cert-hashes?
> 
> As previously mentioned, Chrome >= v14 already does.

The perils of coming in late in a thread :)

Mike



More information about the NANOG mailing list