ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: PKI is weakly secure (was Re: Updating the rules?)

2007-07-07 04:00:19
from [Masataka Ohta] [Permanent Link] 
Eliot Lear wrote:


[I should know better, but...]


That's your problem.


Given that CAs of PKI can be compromised as easily as ISPs
of the Internet, PKI is merely weakly secure as weakly as
the plain Internet.



This can be said of any technology that is poorly managed.


So, you merely believe that the infrastructure of PKI is well
managed.

That's exactly why PKI is NOT strongly secure.

You can believe that the infrastructure of the Internet is well
managed, eaqually easilly.


On the other 
hand, can you cite examples of a well known certificate (say one that I 
might have found in Mozilla, Netscape, Firefox, etc) that has actually 
been compromised?


Can you cite examples of a tier1 ISP that has actually been
compromised for active attack against DH?


I know of precisely one example.


That's a lot more than enough.

                                                        Masataka Ohta


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: PKI is weakly secure (was Re: Updating the rules?), Eliot Lear
Next by Date:  Re: PKI is weakly secure (was Re: Updating the rules?), Keith Moore
Previous by Thread:  Re: PKI is weakly secure (was Re: Updating the rules?), Eliot Lear
Next by Thread:  Re: PKI is weakly secure (was Re: Updating the rules?), Masataka Ohta
Indexes:  [Date] [Thread] [Top] [All Lists]