Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities

From: BMF <badmotherfsckr () gmail com>
Date: Wed, 8 Sep 2010 12:57:39 -0700
On Wed, Sep 8, 2010 at 12:12 PM, Christian Sciberras <uuf6429 () gmail com> wrote:

Call me paranoid, but I stick to the #1 rule of never ever trusting the public.


That is what is good about WoT. You can set the policy on who to
trust. You can trust only yourself, certain people, or $BIGCORP if
that is what you want. Right now your browser by default trusts one of
over 600 different groups, some of which are governments:

http://www.slate.com/id/2265204


I'd rather have a company pay some good bucks to get their hands on a
highly trusted certificate than kids who's aim in life is wiping as
much hard disks as possible.


"highly trusted"? You're joking, right?


Which also answers why those $10-$20 assholes does a better job than
the kids we all know about...


"kids" aren't trusted unless that is who you decide to trust.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: