User: Password:
Subscribe / Log in / New account

Certificates and "authorities"

Certificates and "authorities"

Posted Sep 8, 2011 16:53 UTC (Thu) by pspinler (subscriber, #2922)
In reply to: Certificates and "authorities" by karim
Parent article: Certificates and "authorities"

That sounds like just pushing the problem back one level. A large scale determined MITM attack like this would just add the suggested cloud to the dns/cert/service list they suborn.

-- Pat

(Log in to post comments)

Certificates and "authorities"

Posted Sep 8, 2011 19:18 UTC (Thu) by karim (subscriber, #114) [Link]

But, but, but ... isn't this the industry where there isn't a single problem you can't solve by adding another layer?!?!? ;)

Seriously, though, I knew this would come up and you're right. Which is why we'd get a "here's a solution"/"that's not enough"-rinse-wash-repeat situation until something would come out of it (or not.) It's just the basis of an idea which I totally agree would need much more work. The benefit, though, is to leverage what's already there.


Certificates and "authorities"

Posted Sep 12, 2011 17:21 UTC (Mon) by Chocrates (guest, #67068) [Link]

Then wouldn't it be noticable that large geographical regions have no data? Or manufactured data?

Certificates and "authorities"

Posted Sep 14, 2011 15:14 UTC (Wed) by karim (subscriber, #114) [Link]

That's brilliant. Indeed it seems that that would be an interesting side effect.

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds