[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: fingerprint of the archive signing key

On Tue, Jun 29, 2004 at 01:50:28AM +0100, Andrew Suffield wrote:
> The "Official CAs" are so insecure they are a joke. I bet you don't
> have a secure path to trust them. And you shouldn't trust them even if
> they did; they'll hand out a certificate to anybody. Their purpose is
> to provide a comfort blanket to stupid people so that they don't feel
> scared about handing their credit card number over as blithely on the
> internet as they do in most shops.

I don't know if anyone has heard about this, but Thawte CA will be providing
a new service soon called "SSL123", which is a web server certificate that
they will issue in "minutes", I suppose by verifying the domain information
with the registrar.

Of course, to the browser, it will look exactly like a "real" certificate.
The little lock in your browser window will be there, indicating a "secure"

So in other words, SSL will be even more of a joke.

On the other hand, it's probably still more secure than handing your credit
card to a waiter.


Adam McKenna  <adam@debian.org>  <adam@flounder.net>

Reply to: