The state-level attack on the SSL CA security model

Dobbins, Roland rdobbins at arbor.net
Fri Mar 25 08:25:49 CDT 2011


On Mar 25, 2011, at 5:21 PM, Florian Weimer wrote:

> I can't see how a practice that is completely acceptable at the root certificate level is a danger so significant that state-secret-like
> treatment is called for once end-user certificates are involved.

Again, I don't know enough about what happened to form an opinion one way or another.  I'm just setting forth some reasons which spring to mind for not announcing this immediately, that's all.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

		The basis of optimism is sheer terror.

			  -- Oscar Wilde





More information about the NANOG mailing list