The state-level attack on the SSL CA security model

Christopher Morrow morrowc.lists at gmail.com
Thu Mar 24 09:59:40 CDT 2011


On Thu, Mar 24, 2011 at 6:19 AM, Joakim Aronius <joakim at aronius.se> wrote:
> IF the speculations about a specific nation is true then there is a risk that people there run real (like physical) risks by using e.g. yahoo the last few days. They would have appreciated being informed.
>>

if speculation is true, then all bets are off, and telling anyone
isn't necessarily going to help those under the thumb of the
speculated attacker....

just sayin!

(also, vote now, vote often for dane-wg to get it's work done...
dns-sec secured key fingerprints for ssl certs)




More information about the NANOG mailing list