[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

Subject: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
From: marcus at blazingdot.com (Marcus Reid)
Date: Mon, 12 Sep 2011 22:16:45 +0000
In-reply-to: <[email protected]>
References: <CAAAas8Fua4EbjwKs_wkrcyr1Y6TqXQYNOAC5VGANKmh3hNSfUA@mail.gmail.com> <CAHyNd14PWaAgB6t8e0Z3PWc-GhhjXyNOydtB=H0f-2bYaLJ83A@mail.gmail.com> <[email protected]> <[email protected]> <m2fwk1kecp.wl%[email protected]> <[email protected]> <m2d3f5kduf.wl%[email protected]> <[email protected]> <[email protected]>

On Mon, Sep 12, 2011 at 11:00:47PM +0100, Tony Finch wrote:
> Note that a big weak point in the DNS is the interface between the
> registrars and the registry. If you have a domain you have to trust the
> registry to impose suitable restrictions on its registrars to prevent a
> dodgy registrar from stealing your domain. Another, of course, is the
> interface between a registrar and its customers.

Just in case anybody missed it, ups.com, theregister.co.uk, and others
were hijacked in this way last week.

http://www.theregister.co.uk/2011/09/05/dns_hijack_service_updated/

Marcus

References:
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: mike at mikejones.in (Mike Jones)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: millnert at gmail.com (Martin Millnert)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: greg at bestnet.kharkov.ua (Gregory Edigarov)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: leigh.porter at ukbroadband.com (Leigh Porter)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: randy at psg.com (Randy Bush)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: mike at mtcc.com (Michael Thomas)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: randy at psg.com (Randy Bush)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: mike at mtcc.com (Michael Thomas)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: dot at dotat.at (Tony Finch)

Prev by Date: Microsoft deems all DigiNotar certificates untrustworthy, releases
Next by Date: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
Previous by thread: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
Next by thread: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
Index(es):
- Date
- Thread