nanog mailing list archives
Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Sun, 11 Sep 2011 21:57:59 -0400
somewhat rhetorically... On Sun, Sep 11, 2011 at 2:30 AM, Damian Menscher <damian () google com> wrote:
Because of that lost trust, any cross-signed cert would likely be revoked by the browsers. It would also make the browser vendors question whether the signing CA is worthy of their trust.
given a list of ca's and certs to invalidate ... how large a list would be practical in a browser? (baked in I mean) (not very, relative to the size of the domain system today) Is this scalable? (no) Is this the only answer we have left? (no) -chris (I'm not sure what better answers there are to the situation we are in today, I do like the work in DANE-WG though... it'll be a while before it's practical to use though, I fear)
Current thread:
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases, (continued)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Christopher Morrow (Sep 13)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Christopher Morrow (Sep 13)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Ted Cooper (Sep 13)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Christopher Morrow (Sep 14)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Joe Greco (Sep 12)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates lgomes00 (Sep 11)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Valdis . Kletnieks (Sep 11)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Mark Andrews (Sep 11)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Jimmy Hess (Sep 11)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Damian Menscher (Sep 11)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Christopher Morrow (Sep 11)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Valdis . Kletnieks (Sep 11)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Christopher Morrow (Sep 11)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Valdis . Kletnieks (Sep 12)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Christopher Morrow (Sep 12)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Robert Bonomi (Sep 12)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Christopher Morrow (Sep 12)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Mike Jones (Sep 12)
- Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Eliot Lear (Sep 12)