On Aug 27, 2011, at 10:31 AM, John Levine wrote:
TLS for session privacy is nice, but I find negligible value in a
little lock icon in my browser that means only that one of the several
dozen cert issuers configured into my browser, most of whom I've never
heard of, and many of whom aren't even the organization in the cert
name, signed something.
+1. IMO browser vendors have made TLS nearly useless for web browsing by
including so many default CAs; some with dubious integrity, and a few with a
demonstrated lack of integrity.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf