Firewall Wizards mailing list archives
Re: Firewall best practices
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Wed, 28 Apr 2010 15:28:04 -0400
ArkanoiD wrote:
The problem is, it doesn't necessary needs to be root CA.
Everyone forgets that SSL was only really intended to solve a fairly limited problem. That problem being, namely, "how can Verisign and RSA monetize their patents on PKI?" - if you want to understand why SSL is the way it is, you need to consider what it was designed to do; then everything makes sense. As I said earlier, I'm boggled that nobody has fixed it. Consider that a measure of how much standards bodies are really worth and how much customers care. mjr. -- Marcus J. Ranum CSO, Tenable Network Security, Inc. http://www.tenablesecurity.com _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Firewall best practices, (continued)
- Re: Firewall best practices Nate Itkin (Apr 27)
- Re: Firewall best practices Dave Piscitello (Apr 27)
- Re: Firewall best practices Carson Gaspar (Apr 27)
- Re: Firewall best practices Fetch, Brandon (Apr 27)
- Re: Firewall best practices lordchariot (Apr 28)
- Re: Firewall best practices Bruce B. Platt (Apr 30)
- Re: Firewall best practices Cian Brennan (Apr 28)
- Re: Firewall best practices Fetch, Brandon (Apr 28)
- Re: Firewall best practices Mathew Want (Apr 30)
- Re: Firewall best practices ArkanoiD (Apr 30)
- Re: Firewall best practices Marcus J. Ranum (Apr 30)
- Re: Firewall best practices ArkanoiD (Apr 27)
- Re: Firewall best practices Dave Piscitello (Apr 22)
- Re: Firewall best practices Marcus J. Ranum (Apr 15)