Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Sun Sep 11 17:52:41 CDT 2011


On Sun, 11 Sep 2011 15:20:51 PDT, "Aaron C. de Bruyn" said:
> I'm pretty fond of the idea proposed by gpgAuth.One key to rule them
> all (and one password) combined with the client verifying the
> server.It's still in its infancy, but it works.

Yes, but it needs to be something that either (a) Joe Sixpack never
sees, or (b) Joe Sixpack actually understands.  Are either of those
true?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110911/af79e03c/attachment.bin>


More information about the NANOG mailing list