| |||||||||||||
Certificates and "authorities"Certificates and "authorities"Posted Sep 8, 2011 16:53 UTC (Thu) by pspinler (subscriber, #2922)In reply to: Certificates and "authorities" by karim Parent article: Certificates and "authorities"
That sounds like just pushing the problem back one level. A large scale determined MITM attack like this would just add the suggested cloud to the dns/cert/service list they suborn.
-- Pat
(Log in to post comments)
Certificates and "authorities" Posted Sep 8, 2011 19:18 UTC (Thu) by karim (subscriber, #114) [Link]
But, but, but ... isn't this the industry where there isn't a single problem you can't solve by adding another layer?!?!? ;)
Seriously, though, I knew this would come up and you're right. Which is why we'd get a "here's a solution"/"that's not enough"-rinse-wash-repeat situation until something would come out of it (or not.) It's just the basis of an idea which I totally agree would need much more work. The benefit, though, is to leverage what's already there.
FWIW
Certificates and "authorities" Posted Sep 12, 2011 17:21 UTC (Mon) by Chocrates (guest, #67068) [Link]
Then wouldn't it be noticable that large geographical regions have no data? Or manufactured data?
Certificates and "authorities" Posted Sep 14, 2011 15:14 UTC (Wed) by karim (subscriber, #114) [Link]
That's brilliant. Indeed it seems that that would be an interesting side effect.
|
|||||||||||||