[cryptography] How are expired code-signing certs revoked?

dan at geer.org dan at geer.org
Fri Dec 9 20:09:22 EST 2011

 > If the USG can't even keep thumb drives off of SIPR, isn't the
 > whole game doomed to failure?   (What genius thought it would be
 > a good idea to put USB ports on SIPR-connected boxes, anyway?)

USG is, like all enterprises, struggling with "consumerization"
such as whether cloud services (like Gmail) have so great a cost
efficiency as to be irresistible or choosing whether individual USG
employees should be forbidden or required to own carry cell phones
(trackability).  There is current budget-driven consideration as to
whether to collapse JWICS and SIPRnet into one fabric.  As the
Internet-of-things rolls forward, the effort required to maintain
even a constant level of risk will be all but entirely infeasible,
and university-level social science research appears poised to make
it possible to imagine a government herded by continuous plebiscite
(such as by automatic, language-independent categorization of all
Tweets in real time), thus ending long-term thinking altogether.

A republic, if you can keep it.


More information about the cryptography mailing list