Jan Lühr schrieb: > I'm more and more depressed about the state of PKIs and TLS / SSL out > there :-(
Well, did you look into BGP or DNS security recently? In contrast to public opinion, PKI and TLS security is constantly *improving* since 6 or 7 years, because nowadays people actually care. Such "minor" stuff as the Apple "goto fail" bug wouldn't have made it into the mainstream media ten years ago. Due to the effort of e.g. Mozillas CA programm, Microsofts CA programm, the CA/B-Forum and all those people that write "TLS is broken" papers, things are actually getting better. The only question is whether the speed of improvement is fast enough. Its an error to think that technical stuff is secure and sound if nobody talks about it, and its also an error to think that the area where all people are crying foul is the worst with regard to security (or safety). Juergen _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy