[cryptography] Symantec gets it wrong

jd.cypherpunks jd.cypherpunks at gmail.com
Thu Sep 8 12:43:04 EDT 2011


> 
>> Today, maybe that has changed ever so slightly?  If a customer now
>> fears that their/A CA will actually get de-listed from the popular
>> platforms, thus causing them an outage, maybe customers start
>> demanding CAs that are less likely to get de-listed? Maybe ones that
>> can demonstrate better security controls, or somesuch?
> 
> I would guess the best way of ensuring your CA is not delisted is to
> make sure that they are so widely used that killing them is not a
> viable option because of the amount of collateral damage it would
> cause.
> 
> Too Trusted To Fail
> 
> -Jack
> _______________________________________________

Too Trusted to Fail is an illusion (like the banks).
Moreover if it's hacked it's not secure anymore and companies may not use it anymore for their businesses. Btw - Am I the only one who thinks that this 21 years old hacker has brocken one of the mature CAs as well?

-Michael


More information about the cryptography mailing list