[cryptography] Diginotar Lessons Learned (long)

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Sep 7 11:53:05 EDT 2011


Marsh Ray <marsh at extendedsubset.com> writes:

>Do we need then a whole spectrum of "Super Validation", "Hyper Validation",
>and "Ludicrous Validation" to address the ridiculous deficiencies found in
>these current pwned EV CAs?

It has been suggested that we need a kind of meta-CA or CA for CAs (CACA).
Then the browser vendors could code CACA into the browsers, and we'd all be
trusting in CACA.

Or maybe we already are.

Peter.


