Gmail and SSL

• Previous message (by thread): Gmail and SSL
• Next message (by thread): Gmail and SSL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 02, 2013 at 07:35:49PM -0500, William Herrin wrote:
> A "reputable" SSL signer would have to get outed just once issuing a
> government a resigning cert and they'd be kicked out of all the
> browsers. They'd be awfully easy to catch.

I believe Honest Achmed said it best:

"In any case by the time he's issued enough certificates he'll be regarded
as too big to fail by the browser vendors, so an expensive audit doesn't
really matter."

as well as

"Achmed's business plan is to sell a sufficiently large number of
certificates as quickly as possible in order to become too big to fail"

and

"Achmed guarantees that no certificate will be issued without payment having
been received, as per the old latin proverb "nil certificati sine lucre"."

- Matt

• Previous message (by thread): Gmail and SSL
• Next message (by thread): Gmail and SSL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]