nanog mailing list archives
Re: The state-level attack on the SSL CA security model
From: Joe Sniderman <joseph.sniderman () thoroquel org>
Date: Fri, 25 Mar 2011 23:36:12 -0400
On 03/25/2011 11:12 PM, Steven Bellovin wrote:
On Mar 25, 2011, at 12:19 52PM, Akyol, Bora A wrote:One could argue that you could try something like the facebook model (or facebook itself). I can see it coming. Facebook web of trust app ;-)Except, of course, for the fact that people tend to have hundreds of "friends", many of whom they don't know at all, and who achieved that status simply by asking. You need a much stronger notion of interaction, to say nothing of what the malware in your "friends'" computers are doing to simulate such interaction.
Then again there are all the "friend us for a chance to win $prize" gimmicks... not a far jump to "friend us, _with trust bits enabled_ for a chance to win $prize" Yeah sounds like a wonderful idea. :P -- Joe Sniderman <joseph.sniderman () thoroquel org>
Current thread:
- Re: The state-level attack on the SSL CA security model, (continued)
- Re: The state-level attack on the SSL CA security model Crist Clark (Mar 29)
- RE: The state-level attack on the SSL CA security model Akyol, Bora A (Mar 25)
- Re: The state-level attack on the SSL CA security model Valdis . Kletnieks (Mar 25)
- RE: The state-level attack on the SSL CA security model Akyol, Bora A (Mar 25)
- Re: The state-level attack on the SSL CA security model Dorn Hetzel (Mar 25)
- RE: The state-level attack on the SSL CA security model Akyol, Bora A (Mar 25)
- Re: The state-level attack on the SSL CA security model Valdis . Kletnieks (Mar 25)
- Re: The state-level attack on the SSL CA security model Ariel Biener (Mar 26)
- Re: The state-level attack on the SSL CA security model Martin Millnert (Mar 25)
- Re: The state-level attack on the SSL CA security model Steven Bellovin (Mar 25)
- Re: The state-level attack on the SSL CA security model Joe Sniderman (Mar 25)
- Re: The state-level attack on the SSL CA security model Franck Martin (Mar 25)
- Re: The state-level attack on the SSL CA security model Steven Bellovin (Mar 26)
- Re: The state-level attack on the SSL CA security model Christopher Morrow (Mar 24)
- Re: The state-level attack on the SSL CA security model Leif Nixon (Mar 24)
- Re: The state-level attack on the SSL CA security model Tony Finch (Mar 24)
- Re: The state-level attack on the SSL CA security model Richard Barnes (Mar 24)
- Re: The state-level attack on the SSL CA security model Dan White (Mar 24)
- Re: The state-level attack on the SSL CA security model Brian Keefer (Mar 24)
- Re: The state-level attack on the SSL CA security model Danny O'Brien (Mar 24)