[Discuss] root CA bloat
John Abreau
abreauj at gmail.com
Sun Nov 23 22:22:11 EST 2014
Replacing X.509 requires that every site you want to visit switch away from
X.509 as well.
Convincing the whole world to embrace a crypto flag day is an enormously
bigger task than bolting kludges onto an established standard.
On Sun, Nov 23, 2014 at 8:33 PM, Richard Pieri <richard.pieri at gmail.com>
wrote:
> On 11/23/2014 7:33 PM, Tom Metro wrote:
>
>> The extension provides a dialog where you configure which factors to
>> consider and how to weigh them, with reasonable defaults to get you
>> started.
>>
>
> What I don't understand -- and maybe don't want to understand -- is why
> you are jumping through hoops to bolt kludges onto X.509 instead of working
> to replace X.509 with something that has verifiable trust baked in.
>
> --
> Rich P.
>
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>
--
John Abreau / Executive Director, Boston Linux & Unix
Email: abreauj at gmail.com / WWW http://www.abreau.net / PGP-Key-ID 0x920063C6
PGP-Key-Fingerprint A5AD 6BE1 FEFE 8E4F 5C23 C2D0 E885 E17C 9200 63C6
More information about the Discuss
mailing list