[Top] [All Lists]

Re: bozoproofing the net, was The Value of Reputation

2006-01-04 08:30:47
"John" == John R Levine <johnl(_at_)iecc(_dot_)com> writes:

    John> The CAs that people use in web SSL are overwhelmingly signed
    John> by Verisign or its subsidiaries like Thawte.  Geotrust is a
    John> distant second.

    John> I honestly don't know what signers people use for STARTTLS
    John> but since everyone uses the same small set of TLS libraries,
    John> my working assumption is that they use the same small set of
    John> authorities, too.

OK.  If this is just an assumption and not backed by evidence, I would
suspect that outside of the web you see a lot less use of the big CAs.

Ietf mailing list