Another CA has been found issuing SSL certificates for Google services. Mozilla has acted on the issue: https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/
The weird thing is that it's starting to appear less and less crazy to just get rid of the CA system and replace it with… nothing. What do you guys think? NK
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
