nanog mailing list archives
Re: Gmail and SSL
From: Matthew Palmer <mpalmer () hezmatt org>
Date: Thu, 3 Jan 2013 12:37:25 +1100
On Wed, Jan 02, 2013 at 07:35:49PM -0500, William Herrin wrote:
A "reputable" SSL signer would have to get outed just once issuing a government a resigning cert and they'd be kicked out of all the browsers. They'd be awfully easy to catch.
I believe Honest Achmed said it best: "In any case by the time he's issued enough certificates he'll be regarded as too big to fail by the browser vendors, so an expensive audit doesn't really matter." as well as "Achmed's business plan is to sell a sufficiently large number of certificates as quickly as possible in order to become too big to fail" and "Achmed guarantees that no certificate will be issued without payment having been received, as per the old latin proverb "nil certificati sine lucre"." - Matt
Current thread:
- Re: Gmail and SSL, (continued)
- Re: Gmail and SSL Christopher Morrow (Jan 02)
- Re: Gmail and SSL William Herrin (Jan 02)
- Re: Gmail and SSL George Herbert (Jan 02)
- Re: Gmail and SSL William Herrin (Jan 02)
- Re: Gmail and SSL John R. Levine (Jan 02)
- Re: Gmail and SSL William Herrin (Jan 02)
- Re: Gmail and SSL Christopher Morrow (Jan 02)
- Re: Gmail and SSL Christopher Morrow (Jan 02)
- Re: Gmail and SSL William Herrin (Jan 02)
- Re: Gmail and SSL Christopher Morrow (Jan 02)
- Re: Gmail and SSL Christopher Morrow (Jan 02)
- Re: Gmail and SSL Matthew Palmer (Jan 02)
- Re: Gmail and SSL Masataka Ohta (Jan 02)
- Re: Gmail and SSL George Herbert (Jan 02)
- Re: Gmail and SSL William Herrin (Jan 02)
- Re: Gmail and SSL Gary E. Miller (Jan 02)
- Re: Gmail and SSL Valdis . Kletnieks (Jan 02)
- Re: Gmail and SSL George Herbert (Jan 02)
- Re: Gmail and SSL Jeff Kell (Jan 02)
- Re: Gmail and SSL Damian Menscher (Jan 02)
- Re: Gmail and SSL Valdis . Kletnieks (Jan 02)
- Re: Gmail and SSL Damian Menscher (Jan 02)