[cryptography] Symantec gets it wrong
jd.cypherpunks at gmail.com
Thu Sep 8 12:43:04 EDT 2011
>> Today, maybe that has changed ever so slightly? If a customer now
>> fears that their/A CA will actually get de-listed from the popular
>> platforms, thus causing them an outage, maybe customers start
>> demanding CAs that are less likely to get de-listed? Maybe ones that
>> can demonstrate better security controls, or somesuch?
> I would guess the best way of ensuring your CA is not delisted is to
> make sure that they are so widely used that killing them is not a
> viable option because of the amount of collateral damage it would
> Too Trusted To Fail
Too Trusted to Fail is an illusion (like the banks).
Moreover if it's hacked it's not secure anymore and companies may not use it anymore for their businesses. Btw - Am I the only one who thinks that this 21 years old hacker has brocken one of the mature CAs as well?
More information about the cryptography