[Note to moderator: May be slightly OT. Unfortunately, Gmail web interface
won't allow me to alter the Subject: to mention it there.]
On Wed, Sep 14, 2011 at 5:52 PM, Seth David Schoen wrote:
> More fundamentally, as Peter Biddle points out, trust isn't
> transitive. Suppose we think that a par
On 09/14/2011 09:34 PM, Arshad Noor wrote:
On 9/14/2011 2:52 PM, Seth David Schoen wrote:
Arshad Noor writes:
I'm not sure I understand why it would be helpful to know all (or any)
intermediate CA ahead of time. If you trust the self-signed Root CA,
then, by definition, you've decided to trust
On 9/14/2011 2:52 PM, Seth David Schoen wrote:
Arshad Noor writes:
I'm not sure I understand why it would be helpful to know all (or any)
intermediate CA ahead of time. If you trust the self-signed Root CA,
then, by definition, you've decided to trust everything that CA (and
subordinate CA) is
*not* nitpicking...
> ...as Peter Biddle points out, trust isn't transitive.
as an engineer, I feel compelled to add that security is not
composable, either (joining two secure systems does not necessarily
result in a secure composite)
*not* nitpicking.
--dan
Arshad Noor writes:
> I'm not sure I understand why it would be helpful to know all (or any)
> intermediate CA ahead of time. If you trust the self-signed Root CA,
> then, by definition, you've decided to trust everything that CA (and
> subordinate CA) issues, with the exception of revoked certif
On Sep 13, 2011, at 7:14 PM, Ralph Holz wrote:
> Hi,
>
HTTPS Everywhere makes users encounter this situation more than they
otherwise might.
>>>
>>> A week or three ago, I got cert warnings - from gmail's page. (Yes, I'm
>>> using HTTPS Everywhere).
>>
>> When _that_ happens, pleas
I recently caught up with the rest of you and saw Moxie's Convergence
presentation [on youtube]. I truly hesitate to post here; there have
been so many long posts, that any additional ones are likely to result
in "tl;dr".
I believe Convergence is... just another PKI, or set of PKIs, with
some twi
http://rdist.root.org/2011/09/13/the-magic-inside-bunnies-new-netv/
A year ago, what was probably the most important Pastebin posting ever was
released by an anonymous hacker. The HDCP master key gave the ability for
anyone to derive the keys protecting the link between DVD players and TVs.
T
Hi,
>> Well, yes, but it is the Alexa Top 1 million list that is scanned. I can
>> give you a few numbers for the Top 1K or so, too, but it does remain a
>> relative "popularity".
>
> How many of those sites ever "advertise" an HTTPS end-point though?
> Maybe users are extremely unlikely to ever