[I should know better, but...] Masataka Ohta wrote:
What, do you mean, strong security? Given that CAs of PKI can be compromised as easily as ISPs of the Internet, PKI is merely weakly secure as weakly as the plain Internet.
This can be said of any technology that is poorly managed. On the other hand, can you cite examples of a well known certificate (say one that I might have found in Mozilla, Netscape, Firefox, etc) that has actually been compromised? I know of precisely one example.
Eliot _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf