Re: ca-certificates: no more cacert.org certificates?!?

To: debian-devel@lists.debian.org
Subject: Re: ca-certificates: no more cacert.org certificates?!?
From: Paul Wise <pabs@debian.org>
Date: Wed, 2 Apr 2014 18:17:13 +0800
Message-id: <[🔎] CAKTje6G1_mQBuqxS+WdvgLjZYeaXBDC1stNj6HZT2B6AJ_7X8g@mail.gmail.com>
In-reply-to: <[🔎] 20140402100947.GA3032@smurf.noris.de>
References: <[🔎] CAKTje6Et5CbXHEAbMFmw4FCv+mfkPTO21oO6UpM9Yyk+BR0dWA@mail.gmail.com> <[🔎] 87lhvp1i2s.fsf@poker.hands.com> <[🔎] 20140401202211.GC15123@a82-93-13-222.adsl.xs4all.nl> <[🔎] CAKTje6FDijKX_ytQhj9d_=tqT=Y_jLAq2CJTB_xOstE7WFwAHA@mail.gmail.com> <[🔎] 20140402100947.GA3032@smurf.noris.de>

On Wed, Apr 2, 2014 at 6:09 PM, Matthias Urlichs wrote:

> Somebody could passively log the connection for later analysis.
> Your argument does not hold for this case.

I don't have an argument, I'm saying that Snowden revealed that global
active adversaries like the NSA and GCHQ have been doing this for a
while. Logging ciphertext via passive MITM and breaking endpoint
security to defeat encryption globally.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

Reply to:

References:
- Re: ca-certificates: no more cacert.org certificates?!?
  - From: Paul Wise <pabs@debian.org>
- Re: ca-certificates: no more cacert.org certificates?!?
  - From: Philip Hands <phil@hands.com>
- Re: ca-certificates: no more cacert.org certificates?!?
  - From: Bas Wijnen <wijnen@debian.org>
- Re: ca-certificates: no more cacert.org certificates?!?
  - From: Paul Wise <pabs@debian.org>
- Re: ca-certificates: no more cacert.org certificates?!?
  - From: Matthias Urlichs <matthias@urlichs.de>

Prev by Date: Re: ca-certificates: no more cacert.org certificates?!?
Next by Date: Re: default messaging/VoIP client for Debian 8/Jessie
Previous by thread: Re: ca-certificates: no more cacert.org certificates?!?
Next by thread: Re: ca-certificates: no more cacert.org certificates?!?
Index(es):
- Date
- Thread