[oss-security] Re: 0xdeadbeef comes of age: making keysteak with GnuPG

flapflap flapflap at riseup.net
Fri Oct 10 20:45:24 CEST 2014

Daniel Kahn Gillmor:
> On 10/10/2014 12:23 PM, Daniel Kahn Gillmor wrote:
>> On 10/10/2014 12:01 PM, David Leon Gil wrote:
>>>> (While I know that if a root CA were caught intentionally issuing an
>>>> MitM cert for keybase.io or pgp.mit.edu would face likely
>>>> delisting/bankruptcy.)
>> I'd like to believe that also, but i think that some of the members of
>> the CA cartel might be "too big to fail" in the current infrastructure.
>>  There's no chance that the CA will go bankrupt if they aren't delisted
>> (since the CA market is a lemon market), and every web site certified by
>> the bigger CAs has an incentive to argue against that CAs' delisting
>> (because it will break their web site).
> And, even when we can burn a small CA, the larger organization often
> carries on unharmed:
>   http://www.links.org/?p=1268
> 	--dkg

if interested, see also
and about the first 12min of Moxie Marlinspike's talk (regarding COMODO)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20141010/aa1d3251/attachment-0001.sig>

More information about the Gnupg-devel mailing list