The state-level attack on the SSL CA security model
chk at pobox.com
Thu Mar 24 09:09:13 CDT 2011
On 3/23/2011 11:05 PM, Martin Millnert wrote:
> To my surprise, I did not see a mention in this community of the
> latest proof of the complete failure of the SSL CA model to actually
> do what it is supposed to: provide security, rather than a false sense
> of security.
This story strikes me as a success - the certs were revoked immediately,
and it took a surprisingly short amount of time for security fixes to
appear all over the place.
> In some places, failure of internet security means people die
Those people know that using highly visible services like gmail and
skype is asking to be exposed...
More information about the NANOG