[cryptography] trustable self-signed certs in a P2P environment (freedombox)
trevp at trevp.net
Wed Nov 30 15:26:38 EST 2011
On Wed, Nov 30, 2011 at 12:11 PM, Adam Back <adam at cypherspace.org> wrote:
> Its rather common for people with load balancers and lots of servers serving
> the same domain to have multiple certs.
> On Wed, Nov 30, 2011 at 12:05:29PM -0800, Peter Eckersley wrote:
>> Perspectives/Convergence suffer from the problem that there is no way to
>> tell the difference between "the server was reinstalled and now has a new key"
>> and "the whole world sees an attack in progress".
There's a Convergence proposal to address the above issues, but it
requires some effort by the site:
More information about the cryptography