Honestly, a full and transparent audit of all CAs and vendors would be better. If every CA had to list which sites it had issued certificates for, a few dozen would probably shake out with fake certs for Google or Apple.
I don't think Convergence is the solution, unfortunately. ~Griffin On Thu, Jan 3, 2013 at 8:09 PM, Nadim Kobeissi <[email protected]> wrote: > Another CA has been found issuing SSL certificates for Google services. > Mozilla has acted on the issue: > https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/ > > The weird thing is that it's starting to appear less and less crazy to > just get rid of the CA system and replace it with… nothing. What do you > guys think? > > NK > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > -- "What do you think Indians are supposed to look like? What's the real difference between an eagle feather fan and a pink necktie? Not much." ~Sherman Alexie PGP Key etc: https://www.noisebridge.net/wiki/User:Fontaine
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
