[ale] For the paranoid out there.
Jim Popovitch
jimpop at gmail.com
Tue Mar 30 11:45:04 EDT 2010
On Tue, Mar 30, 2010 at 11:24, Damon L. Chesser <damon at damtek.com> wrote:
> http://arstechnica.com/security/news/2010/03/govts-certificate-authorities-conspire-to-spy-on-ssl-users.ars
I don't think you have to be truly paranoid, the article is just a
roll-up of what key people have been saying for years. SSL
man-in-the-middle is more a practice these days than experiment. Look
no further than the lists of "agencies" your browser will trust to
validate a certificate. Do you, yourself, trust everyone of those
agencies?
-Jim P.
More information about the Ale
mailing list