Hi, I created an incomplete summary of various reports about Certification Authority breaches. I believe it is the most complete list to date (additions welcome).
The summary also contains some (but not all) proposed security solutions and enhancements for the 'CA Trust Problem' and some general security enhancement for the deployment of SSL/TLS. Comments and feedback are welcome. https://thc.org/ssl and a video parody to explain the problem to non-technical people: http://youtu.be/F3BMA3IuvYs Best Regards, Ralf _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security