On 11/03/2011 07:16 PM, Phillip Hallam-Baker wrote: > On Thu, Nov 3, 2011 at 9:35 PM, Jacob Appelbaum <[email protected]> wrote: > >> On 11/03/2011 05:27 PM, Phillip Hallam-Baker wrote: >>> People who throw stones... >>> >>> Seems to me that EFF and Moxie have been holding everyone else to a >> certain >>> standard these past few months. >>> >>> I don't think that either would accept 'recognized and acknowledged' as >> an >>> excuse. >>> >>> >>> In the case of Convergence the site does not say a blessed thing about >> the >>> proposal. Not a squeak, not a sausage. It is pure marketing glitz with >>> fancy graphics but no substance. >>> >> >> If someone is going to accuse an open source project of being a backdoor >> they could at least link to the offending code. >> > > If someone is going to claim that there are '650 CAs' then they could at > least ask why the DFN root has 200 intermediates chained and if they are > actually CAs as being claimed. >
This is a pretty conservative number - consider that Dan Kaminsky often says the number is around ~1600 - what's the correct number? Additionally, I believe you are mistaken about such a quote from me. I did a quick search and found articles that cite the EFF and also quote me - the EFF citation is not a quote from me - I don't work for the EFF. > EFF has been mighty economical with the truth of late. I have been pretty > sick of it to tell the truth. The 650 CAs claim was garbage, they know it > is garbage but you keep on repeating it to the press as fact. > How many CAs exist today that can sign a certificate and then that certificate will be accepted as valid? > Well now they are having problems being believed and I am afraid that I > can't actually vouch for their honesty any more. > This is a diversion. The person behind this slander says that they're writing backdoors - it's a pretty different thing from what you're saying, which is that you disagree with their counting methods. One is a matter of methodology and the other integrity. I'm sure someone from the EFF will chime in here and I welcome that discussion. > > >> This rumor is a bunch of bullshit and I can't believe it spilled onto >> this list too. >> > > The Iranian government runs a Warez site filled with all sorts of software > that is not legally for sale in Iran. Citation please. > > It is all free and all larded up with backdoors. Citation please. > > So I would not discount the possibility of there being IRG versions of Tor > in circulation. In fact it seems rather likely that they have done that > already. What do you base this on? We'd love to see a sample - feel free to send us some evidence. In any case, I hardly see what any of this has to do with the allegations from the parent post. It appears to be slander with absolutely no factual backing. All the best, Jake
