The state-level attack on the SSL CA security model
franck at genius.com
Thu Mar 24 16:39:16 CDT 2011
----- Original Message -----
> From: "Roland Dobbins" <rdobbins at arbor.net>
> To: "nanog group" <nanog at nanog.org>
> Sent: Friday, 25 March, 2011 9:33:27 AM
> Subject: Re: The state-level attack on the SSL CA security model
> On Mar 24, 2011, at 6:41 PM, Florian Weimer wrote:
> > Disclosure devalues information.
> I think this case is different, given the perception of the cert as a
> 'thing' to be bartered.
Isn't there any law that obliges company to disclose security breaches that involve consumer data?
More information about the NANOG