Re: fingerprint of the archive signing key
On Tue, Jun 29, 2004 at 01:50:28AM +0100, Andrew Suffield wrote:
> The "Official CAs" are so insecure they are a joke. I bet you don't
> have a secure path to trust them. And you shouldn't trust them even if
> they did; they'll hand out a certificate to anybody. Their purpose is
> to provide a comfort blanket to stupid people so that they don't feel
> scared about handing their credit card number over as blithely on the
> internet as they do in most shops.
I don't know if anyone has heard about this, but Thawte CA will be providing
a new service soon called "SSL123", which is a web server certificate that
they will issue in "minutes", I suppose by verifying the domain information
with the registrar.
Of course, to the browser, it will look exactly like a "real" certificate.
The little lock in your browser window will be there, indicating a "secure"
connection.
So in other words, SSL will be even more of a joke.
On the other hand, it's probably still more secure than handing your credit
card to a waiter.
--Adam
--
Adam McKenna <adam@debian.org> <adam@flounder.net>