BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Why the dislike of X.509?
- Subject: [Discuss] Why the dislike of X.509?
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Mon, 25 Aug 2014 10:38:21 -0400
- In-reply-to: <53FB19E5.4080602@aeminium.org>
- References: <53F9F6B9.4060505@stephenadler.com> <20140824161132.GE14848@randomstring.org> <be314521ab6bebb6add54d706b042f01.squirrel@mail.mohawksoft.com> <53FA1C3B.70908@gmail.com> <53FB19E5.4080602@aeminium.org>
On 8/25/2014 7:11 AM, Nuno Sucena Almeida wrote: > Why the dislike of X.509 ? The dependence on centralized certificate authorities. X.509 is not verifiably trustworthy and is anything but private. X.509 is, in fact, compromised by design. It was designed specifically to grant administrators of X.509 domains access to everything within their domains. The only reason it's so widespread today is because Netscape couldn't get an export license under ITAR without a key escrow mechanism that could be subverted by the US government. That's the foundation of Netscape's early SSL which Microsoft duplicated. And now we're saddled with a global scale security infrastructure that was compromised at the roots from Day 1. That's why I hate X.509. -- Rich P.
- Follow-Ups:
- [Discuss] Why the dislike of X.509?
- From: jabr at blu.org (John Abreau)
- [Discuss] Why the dislike of X.509?
- References:
- [Discuss] vnc
- From: adler at stephenadler.com (Stephen Adler)
- [Discuss] vnc
- From: dsr at randomstring.org (Dan Ritter)
- [Discuss] vnc
- From: markw at mohawksoft.com (markw at mohawksoft.com)
- [Discuss] vnc
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] vnc
- From: nuno at aeminium.org (Nuno Sucena Almeida)
- [Discuss] vnc
- Prev by Date: [Discuss] vnc
- Next by Date: [Discuss] vnc
- Previous by thread: [Discuss] vnc
- Next by thread: [Discuss] Why the dislike of X.509?
- Index(es):
