[cryptography] what has the NSA broken?

David Johnston dj at deadhat.com
Sat Sep 7 13:56:52 EDT 2013

On 9/6/2013 6:58 AM, Ralph Holz wrote:
> Hi,
> On 09/06/2013 07:12 AM, James A. Donald wrote:
>> Most private keys are issued by, not merely certified by, the CAs.
> Can you give numerical evidence for this claim?
Device certificates (those that go into mass manufactured products) 
typically have the CA provide both keys and cert. The back and forth of 
keygen->CSR->Sign->Return per product does not fit in the mindset of a 

I suspect this is more certs than all the web site certs put together.

More information about the cryptography mailing list