[RndTbl] Google warns of unauthorized TLS certificates trusted by almost all OSes
Trevor Cordes
trevor at tecnopolis.ca
Sat Mar 28 02:16:32 CDT 2015
http://arstechnica.com/security/2015/03/google-warns-of-unauthorized-tls-certificates-trusted-by-almost-all-oses/?imm_mid=0cf0b5&cmp=em-web-na-na-newsltr_20150325
Fun! Not. Though the current model may be less than ideal, we must
grant them one thing: in the decades it's been in place, the number of
these breaches have been exceedingly small. That's saying something.
Perhaps users of browsers should get the option to block certs by
country-of-issuance? I bet I could turn off all of .ru, .ro and .cn
and never notice. (I'd probably need .tw though.)
More information about the Roundtable
mailing list