On Tue, May 18, 2010 at 7:14 PM, QIU Quan <[email protected]> wrote: > SSL has some authorities which other current PKI systems, e.g. SSH, > PGP, lacks. Usually, the trusted authorities are delivered along with > OS distributions. Although a vendor should take the responsibility to > validate the authorities, this eases the first step of trust > establishment after all. > > At least, the ordering page <https://https.openbsd.org/cgi-bin/order> > works. That means OpenBSD has already a registered SSL service on the > go.
http://arstechnica.com/security/news/2010/03/govts-certificate-authorities-conspire-to-spy-on-ssl-users.ars -N
