Dailydave mailing list archives

Re: tubes clogged

From: dan () geer org
Date: Tue, 30 Dec 2008 08:45:48 -0500


Some time ago, perhaps in 2005, I did an analysis
of all the then-trusted Root Certs in the major
browsers.  As near as I could tell then, 25% of
the companies whose certs were embedded had by
that time gone out of business, and many of the
certs present had 20+ year expiry times thus
assuring that more certs would remain nominally
valid even when the owning companies died.

And, of course, there are national laboratories
that have likely already done all this repeatedly.

--dan

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

tubes clogged Alexander Sotirov (Dec 29)
- Re: tubes clogged Jared DeMott (Dec 29)
  - Re: tubes clogged J. Oquendo (Dec 29)
    - Re: tubes clogged Can Erkin Acar (Dec 29)
    - Re: tubes clogged Jess Kitchen (Dec 29)
- Re: tubes clogged H D Moore (Dec 29)
  - Re: tubes clogged Petja van der Lek (Dec 29)
    - Re: tubes clogged Fyodor (Dec 29)
    - Re: tubes clogged Jess Kitchen (Dec 29)
    - Re: tubes clogged Thorsten Holz (Dec 30)
    - Re: tubes clogged dan (Dec 30)
    - Re: tubes clogged Paul Melson (Dec 30)
- Re: tubes clogged Adrien Krunch Kunysz (Dec 30)
  - MD5 Considered Harmful Today: Creating a rogue CA certificate Alexander Sotirov (Dec 30)
    - Re: MD5 Considered Harmful Today: Creating a rogue CA certificate Charles Miller (Dec 30)
    - Re: MD5 Considered Harmful Today: Creating a rogue CA certificate Thomas Ptacek (Dec 30)