I've been wondering, has a TLS server (or client, for that matter) key
ever actually been compromised? I don't think I've ever heard of one.
I'm thinking of two possible avenues for compromise, and ignoring
insider attacks. One is through defects in the protocol itself or its
implementation.
Ian Grigg wrote:
Tying the certificate into the core crypto protocol seems to be a
poor design choice; outsourcing any certification to a higher layer
seems to work much better out in the field.
I'll reserve judgement about the significance of SSLBar, but I couldn't
agree more with the above