[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Microsoft deems all DigiNotar certificates untrustworthy, releases
On Mon, 12 Sep 2011 22:31:59 +0200, M?ns Nilsson said:
> Since you are from Sweden, and in an IT job, you probably have personal
> relations to someone who has personal relations to one of the swedes
> or other nationalities that were present at the key ceremonies for the
> root. Once you've established that the signatures on the root KSK are good
> (which -- because of the above -- should be doable OOB quite easily for
> you) you can start validating the entire chain of trust.
>
> Quite trivial, in fact.
I'll note that the PGP "strongly connected set" has grown all the way to 45,000
or so keys in 2 decades of growth. There are several billion Internet users. What
may be workable for Fredrik is probably *not* scalable to Joe Sixpack.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110912/a17bcf66/attachment.bin>