On 01/09/2009 06:40 AM, Ben Bucksch:
Obviously I "trust" the software I run, out of necessity. I do not trust the CA operations. If there was minimal hope that they'd do a decent job, that has been destroyed over last Christmas.
I anticipated comments like this one, but the good thing is that stakes are rather high for CAs, hence they are improving and resolutions happen rather fast. This is at least true for some of the events we've seen (Verisign, StartCom).
On the other hand, any flaw outside of CAs are up to individuals which couldn't care less sometimes (as shown in the Debian fiasco). But as Robert and Julien already said, those who care know in such cases.
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
