[cryptography] Security Pop-Up of the Day
pgut001 at cs.auckland.ac.nz
Thu Sep 22 05:46:11 EDT 2011
ianG <iang at iang.org> writes:
>C.f., revocation is broken. The disablement of OCSP checking has been ...
>errrr widely suggested.
>Which leads to a curious puzzler; if it doesn't work for users, who does it
>work for? Ah, the cynicism :P
There are a number of revocation vendors who have (or had, a few years ago) a
considerable revenue stream built around selling OCSP services. Identrus(t)
was one of those. The problem was that some silly CAs were misguided enough
to take the whole OCSP theatrical performance public, spoiling it for
More information about the cryptography