[cryptography] The consequences of DigiNotar's failure

Ian G iang at iang.org
Fri Sep 16 13:28:17 EDT 2011


On 17/09/11 3:07 AM, M.R. wrote:
> On 16/09/11 09:16, Jeffrey Walton wrote:
>> The problem is that people will probably die
>> due Digitar's failure.
>
> I am not the one to defend DigiNotar, but I would not make such
> dramatic assumption.
>
> No one actively working against a government that is known to engage
> in extra-legal killings will trust SSL secured e-mail to protect him
> or her from the government surveillance.

IMNSHO, 1% of technically savvy users will have any view that there is a 
flaw with SSL secured e-mail.  Then, technically savvy users are about 
1% of the general population.  I'd expect around 0.01% of the population 
to have this clue.

> If this particular case, if
> the most often repeated hypothesis of who did it and why is correct,
> it was probably done for some bottom net-fishing and will likely result
> with a whole bunch of "little people" with secret files that will make
> them "second-class" citizens for a long, long time, ineligible for
> government jobs and similar. (For instance, I'd expect them to end up
> on some oriental no-fly list).

Would you be willing to bet your life on that?

iang



More information about the cryptography mailing list