Full Disclosure mailing list archives
Re: Expired certificate
From: Dan Kaminsky <dan () doxpara com>
Date: Thu, 22 Jul 2010 23:40:41 -0400
On Thu, Jul 22, 2010 at 11:28 PM, Marsh Ray <marsh () extendedsubset com>wrote:
On 07/22/2010 08:05 PM, Dan Kaminsky wrote:That's $240K/yr being spent to manage three year expirations, just on labor.Yep. But as Dr. Laura would say, "you knew that before you married her". Nobody said you had to go into that business, or that you were entitled to make a profit on it.
Nobody says they have to deploy secure endpoints, but the credit card people, and even then only on a really restricted subset of sites. There are fundamental sources of these failures that are not just "people are stupid". Remember the tales of failed +$100M PKI deployments around the turn of the millenium? Why do you think so much money got spent? What might be the unintended consequences be of having 500 "secure" sites
hosted by folks that can't manage to spend one day every three freakin' years on maintenance? It's one day every three years per server. If you have a lot of servers,
it adds up. And so, we back into the empirical reality -- people don't put SSL on a lot of servers.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Expired certificate, (continued)
- Re: Expired certificate Junk Meat (Jul 16)
- Re: Expired certificate bk (Jul 16)
- Re: Expired certificate Junk Meat (Jul 16)
- Re: Expired certificate bk (Jul 16)
- Re: Expired certificate Junk Meat (Jul 17)
- Re: Expired certificate Dan Kaminsky (Jul 17)
- Re: Expired certificate Pavel Kankovsky (Jul 18)
- Re: Expired certificate Marsh Ray (Jul 20)
- Re: Expired certificate Dan Kaminsky (Jul 22)
- Re: Expired certificate Marsh Ray (Jul 22)
- Re: Expired certificate Dan Kaminsky (Jul 22)
- Re: Expired certificate Marsh Ray (Jul 22)
- Re: Expired certificate bk (Jul 23)
- Re: Expired certificate bk (Jul 16)
- Re: Expired certificate Junk Meat (Jul 16)
- Re: Expired certificate Meadow (Jul 23)
- Re: Expired certificate Marsh Ray (Jul 24)
- Re: Expired certificate Pavel Kankovsky (Jul 24)
- Re: Expired certificate Dan Kaminsky (Jul 24)
- Re: Expired certificate Dan Kaminsky (Jul 24)
- Re: Expired certificate Pavel Kankovsky (Jul 25)
- Re: Expired certificate Dan Kaminsky (Jul 25)
- Re: Expired certificate Marsh Ray (Jul 26)