nanog mailing list archives

Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

From: Christopher Morrow <morrowc.lists () gmail com>
Date: Sun, 11 Sep 2011 23:28:03 -0400

On Sun, Sep 11, 2011 at 11:06 PM, Hughes, Scott GRE-MG
<SHughes () grenergy com> wrote:

Companies that wrap their services with generic domain names (paymybills.com and the like) have no one to blame but 
themselves when they are targeted by scammers and phishing schemes. Even EV certificates don't help when consumers 
are blinded by subsidiary companies and sister companies daily (Motorola Mobility a.k.a. Google vs. Motorola 
Solutions.)


So, part of my point here about ev/dv/etc certs is that in almost all
cases of consumer fraud and protection, HTTPS is never used. Hell,
half the spams I get are
http://IP_ADDRESS/somethign/something/something.php ... Falling back
on the 'well ev certs are there to provide protection to the consumer'
is just FUD (I think).

again, not seeing a benefit here...

-chris

Current thread:

Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Mike Jones (Sep 11)
- Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Richard Barnes (Sep 11)
  - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Aaron C. de Bruyn (Sep 11)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) James Harr (Sep 11)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Valdis . Kletnieks (Sep 11)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all Aaron C. de Bruyn (Sep 11)
- Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Christopher Morrow (Sep 11)
  - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Jimmy Hess (Sep 11)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Christopher Morrow (Sep 11)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Hughes, Scott GRE-MG (Sep 11)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Christopher Morrow (Sep 11)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) William Allen Simpson (Sep 11)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Christopher J. Pilkington (Sep 12)
- Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Martin Millnert (Sep 12)
  - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Gregory Edigarov (Sep 12)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Martin Millnert (Sep 12)
    - RE: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Leigh Porter (Sep 12)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Randy Bush (Sep 12)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Michael Thomas (Sep 12)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Randy Bush (Sep 12)
    - Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates) Michael Thomas (Sep 12)

(Thread continues...)