[cryptography] Math corrections

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sun Sep 18 14:59:54 EDT 2011


Arshad Noor <arshad.noor at strongauth.com> writes:

>Just because you come across one compromised CA out of 100 in the browser,
>does not imply that the remaining 99 are compromised (which is what you are
>implying with your statement).

Since browser PKI uses universal implicit cross-certification, it is indeed
the case that if one CA is compromised, all are compromised.  So Ian is
correct in his assessment.

Peter.



More information about the cryptography mailing list