Re: "Certification Authorities are recommended to stop using MD5 altogether"

To: debian-security@lists.debian.org
Subject: Re: "Certification Authorities are recommended to stop using MD5 altogether"
From: Nikolai Lusan <nikolai@lusan.id.au>
Date: Thu, 01 Jan 2009 12:34:36 +1000
Message-id: <[🔎] 1230777276.9566.3.camel@sevastopol.lusan.id.au>
In-reply-to: <20081231191518.GC6475@pond>
References: <0812310232100.8102@somehost> <200812311052.41476.bgrpt3@toplitzer.net> <20081231191518.GC6475@pond>

On Wed, 2008-12-31 at 14:15 -0500, Micah Anderson wrote:

> Does anyone have a legitimate reason to trust any particular Certificate
> Authority? 

The trust comes with knowing the procedures a CA uses to verify the
particulars of the people asking (or indeed paying) them to sign
certificates. The point of signing certificates is to generate a web of
trust, you trust that X is who they say they are bcause Y(whom you
trust) says they are.

-- 
Nikolai Lusan <nikolai_@_lusan_._id_._au>

Reply to:

Prev by Date: Re: "Certification Authorities are recommended to stop using MD5 altogether"
Next by Date: Re: Certification Authorities are recommended to stop using MD5 altogether
Previous by thread: Re: "Certification Authorities are recommended to stop using MD5 altogether"
Next by thread: Re: Certification Authorities are recommended to stop using MD5 altogether
Index(es):
- Date
- Thread