On Tue, 15 Oct 2019 12:52:18 -0400, Hector Santos said:
But it just dawn on me, should a site like the above domain be trusted
as a TTP (Trusted Third Party) CA? The bundle can contain TTP
"posers." For that matter, why should the user trust any CA anyway?
If there were a small number of top-level CAs of irreproachable reputation,
it wold be one thing. But when the bar is low enough that there's 600+
organizations that qualify....
pgpIL5EyT5n9R.pgp
Description: PGP signature
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp