[cryptography] GlobalSign temporarily ceases issuance of all certificates
pgut001 at cs.auckland.ac.nz
Thu Sep 8 01:28:50 EDT 2011
Ian G <iang at iang.org> writes:
It is not a new observation that the original threat modelling had flaws you
could drive a truck through :)
You forgot to mention what the SSL/browser PKI threat model actually is, as
first pointed out by some guy called Grigg:
SSL/browser PKI is defined to be the solution.
The threat is defined to be whatever the solution addresses.
(I've termed it "The Inside-Out Threat Model". Unfortunately quite common in
More information about the cryptography