On 03/30/2011 09:59 PM, From John Bradley:
The problem is how do you not trust them without breaking significant parts of the internet.They have us over a barrel.
Well, well....both of you know that this is a particular issue of a particular "Certification Authority" and that there are alternatives. And incidentally I happen to know both you ;-)
I assume that there will be actions by the most important browser vendors, I suggest to check your certificate stores and CA bundles at the servers and to rip those CAs you prefer not to trust.
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: [email protected] <xmpp:[email protected]>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ security mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-security
