[security] SL comprimise
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Wed Mar 30 20:46:37 UTC 2011
On 03/30/2011 09:59 PM, From John Bradley:
> The problem is how do you not trust them without breaking significant parts of the internet.
>
> They have us over a barrel.
Well, well....both of you know that this is a particular issue of a
particular "Certification Authority" and that there are alternatives.
And incidentally I happen to know both you ;-)
I assume that there will be actions by the most important browser
vendors, I suggest to check your certificate stores and CA bundles at
the servers and to rip those CAs you prefer not to trust.
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20110330/5d178874/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6385 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20110330/5d178874/attachment-0001.p7s>
More information about the security
mailing list