Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sep 6, 2013, at 2:06 PM, Måns Nilsson <mansaxel@xxxxxxxxxxxxxxxx> wrote:
>> Right, because there's no way the NSA could ever pwn the DNS root key.
> It is probably easier for NSA or similar agencies in other countries
> to coerce X.509 root CA providers that operate on a competetive market
> than fooling the entire international DNS black helicopter cabal. 

Probably the wrong place to apply the paranoia. How much do you trust the AEP Keyper HSM tamperproof blackbox hasn't had a backdoor installed into it at the factory?

> Audit and open source seem to be good starting points. 

Where feasible, sure. Unfortunately, the rabbit hole is deep.  How many billions of transistors are there in commodity chips these days?

Regards,
-drc

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]