ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Number of CAs

2013-11-17 16:24:11
from [Masataka Ohta] [Permanent Link] 
Randy Bush wrote:


i'll try once again,
http://conferences.sigcomm.org/imc/2013/papers/imc257-durumericAemb.pdf


It correctly states:

        1,800 entities that are able to issue
        certificates vouching for the identity of any website

that is one insecure entity is a lot more than enough.

Phillip Hallam-Baker wrote:


Their number of intermediate certs is more accurate. But they make
the same mistake of conflating an intermediate cert with control
of a CA.


Why do you insist on counting the number of Angels when just one
fallen one is a lot more than enough?

A CA a few key managing personnel of which are under US legislation
is a lot more than enough.

                                                Masataka Ohta
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [IAB] Mandatory encryption as part of HTTP2, Hannes Tschofenig
Next by Date:  Re: [IAB] Mandatory encryption as part of HTTP2, Masataka Ohta
Previous by Thread:  Re: Number of CAs (was: Mandatory encryption as part of HTTP2), Phillip Hallam-Baker
Next by Thread:  Re: Number of CAs, Phillip Hallam-Baker
Indexes:  [Date] [Thread] [Top] [All Lists]