The state-level attack on the SSL CA security model

Harald Koch chk at
Thu Mar 24 09:09:13 CDT 2011

On 3/23/2011 11:05 PM, Martin Millnert wrote:
> To my surprise, I did not see a mention in this community of the
> latest proof of the complete failure of the SSL CA model to actually
> do what it is supposed to: provide security, rather than a false sense
> of security.

This story strikes me as a success - the certs were revoked immediately, 
and it took a surprisingly short amount of time for security fixes to 
appear all over the place.

 >  In some places, failure of internet security means people die

Those people know that using highly visible services like gmail and 
skype is asking to be exposed...


More information about the NANOG mailing list