On Tue, 15 Oct 2019 12:52:18 -0400, Hector Santos said:
But it just dawn on me, should a site like the above domain be trusted
as a TTP (Trusted Third Party) CA? The bundle can contain TTP
"posers." For that matter, why should the user trust any CA anyway?
If there were a small number of top-level CAs of irreproachable reputation,
it wold be one thing. But when the bar is low enough that there's 600+
organizations that qualify....
Description: PGP signature
ietf-smtp mailing list