Verisign CRL single point of failure

Jeff Shultz jeffshultz at wvi.com
Fri Jan 9 16:55:52 UTC 2004


** Reply to message from "Stephen J. Wilcox" <steve at telecomplete.co.uk>
on Fri, 9 Jan 2004 13:20:18 +0000 (GMT)

> > The consolidation of network power in a single company creates its own threat
> > to the critical infrastructure when a single certificate expires instead of
> > being randomly distributed among several different organizations.
> 
> I'm not sure what's involved in getting your own root certs added to browser/OS 
> distributions but there's nothing afaik that says Verisign is the sole company 
> providing this, presumably anyone else can agree with MS/whoever to have their 
> root certs added.. ?
> 

I'm looking at the Certificate Authorities in my copy of Mozilla 1.5. I
don't think I've added any, but these are the ones that are there:
ABA.ECOM, Inc
AOL Time Warner Inc.
AddTrust AB
America Online Inc.
Baltimore
Digital Signature Trust Co.
Entrust.net
Equifax
Equifax Secure
Equifax Secure Inc.
GTE Corporation
GeoTrust Inc.
GlobalSign nv-sa
RSA Data Security, Inc.
RSA Security Inc
TC TrustCenter for Security in Data Networking
Thawte
Thawte Consulting
Thawte Consulting cc
The USERTRUST Network
VISA
ValiCert, Inc.
VeriSign, Inc. 
beTrusted 

And in IE 6.0 there seem to be about an equal number, many of them the
same. 

So there appear to be alternatives to VeriSign (why is it that most of
these companies have two capitals in their names?). I do remember
seeing someone elsewhere complaining that he'd been trying to get his
root cert added to Mozilla for two years now, so it may not be all that
simple.

-- 
Jeff Shultz
Loose nut behind the wheel. 



