It seems like SSL is really getting hit these days. And I do not think EV-SSL certs are going to save the day...
http://www.vasco.com/company/press_room ... ident.aspx
News stories from around the globe about hacking, ethical hacking, pen testing, incident response and more.
cd1zz wrote:Its kind of a broken system. Moxie has great talks on this. If you allow just about anyone to be a CA or if you're a CA and have shitty security practices, then it ruins the integrity of the entire system. If we cant count on CAs to provide valid certs to legit companies then what good is it? At least the communication channel is encrypted.
lorddicranius wrote:Moxie introduced his alternative for the current CA structure this year at BlackHat/DEFCON:
Has anybody had a chance to check it out?
I just came across this via Twitter: http://codereview.chromium.org/7791032/ ... ificate.cc
3xban wrote:Might as well install your own CA and just use self signed
Users browsing this forum: No registered users and 0 guests