OT: problems with the X.509 PKI business [was: Re: Gcrypt-devel Digest, Vol 66, Issue 5]
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sun Jul 25 04:07:30 CEST 2010
On 07/24/2010 06:37 AM, Milo wrote:
> On 07/24/2010 10:36 AM, gcrypt-devel-request at gnupg.org wrote:
>>> A counterpoint would be that the whole X.509 PKI business is entirely
>>> broken and does not provide any security at all.
>> agreed, sadly.
> "whole X.509 PKI business is broken and does not provide any security at
> all" - very interesting statement. Could you elaborate on that?
For one example, X.509 sets up a situation that encourages centralized,
hierarchical reliance on an unaccountable cabal of Certificate Authorities:
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 892 bytes
Desc: OpenPGP digital signature
More information about the Gcrypt-devel