[cryptography] Diginotar Lessons Learned (long)
andy at steingruebl.com
Sat Sep 10 13:20:14 EDT 2011
On Sat, Sep 10, 2011 at 9:43 AM, James A. Donald <jamesd at echeque.com> wrote:
> Most attacks aim to obtain shared secrets, so, obviously, a major solution
> is not fixing PKI, but SRP
Though aren't the most recent issues related to obtaining things other
than shared secrets? The attacks against CAs recently haven't been to
perform financial attacks, they have been to get identity information,
which SRP isn't going to protect right?
I don't disagree that *most* attacks are about finances, but quite a
number are also about stealing other confidential information.
More information about the cryptography