[Discuss] email privacy/security
Kent Borg
kentborg at borg.org
Tue Aug 6 08:28:59 EDT 2013
On 08/05/2013 04:45 PM, Richard Pieri wrote:
> You're assuming that the NSA needs to crack everything. I'm assuming
> that they have master keys for the public certificate authorities.
That doesn't give them session keys for communications. And they don't
have a private key that they don't have. A self-signed certificate is
still good. And though a commercially certificate can be spoofed, when
Verisign signs a certificate, the private key is not magically produced.
-kb
More information about the Discuss
mailing list