[cryptography] Request - PKI/CA History Lesson - the definition of trust

Jeffrey Goldberg jeffrey at goldmark.org
Sun May 4 19:39:40 EDT 2014


On 2014-05-03, at 3:22 AM, <pjklauser at gmail.com> <pjklauser at gmail.com> wrote:

> Frankly, if we could "trust" in DNS, we would not need to "trust" in
> web-PKIX [2] - since the one is just the bandaid for the other.

Have you forgotten that routing can be subverted?

Just because you are talking to the right IP address doesn’t mean
you are talking the right host.

Cheers,

-j



More information about the cryptography mailing list