[cryptography] Diginotar Lessons Learned (long)

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Sep 7 11:00:35 EDT 2011


Ian G <iang at iang.org> writes:

>Hence, the well-known race-to-the-bottom, which is a big factor in DigiNotar.

Actually I'm not sure that DigiNotar was "the bottom", since they seem to have
been somewhat careful about the certs they issued.  "The bottom" is the cert
vending machines that will issue a cert to absolutely anyone, verified only by
Ben Franklin.  There are still plenty of those left.

Peter.




More information about the cryptography mailing list