BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] root CA bloat
- Subject: [Discuss] root CA bloat
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Sun, 23 Nov 2014 09:53:13 -0500
- In-reply-to: <CAJFsZ=pzNw6mk1aQZvLJ8CvAe-hv4EQA5Fu6g4Ewcf3kok=NyA@mail.gmail.com>
- References: <546C4823.6060900@gmail.com> <BN3PR0401MB1204BAB10AE6249C54E4E81BDC760@BN3PR0401MB1204.namprd04.prod.outlook.com> <546D7B55.70903@gmail.com> <BN3PR0401MB1204E9F1CF304F6724855281DC760@BN3PR0401MB1204.namprd04.prod.outlook.com> <546FC87F.1090203@gmail.com> <546FE733.8070007@gmail.com> <CAJFsZ=pXgxcG5zeD=zg+us8uanYgRGEcToYAjuwekH7+K980Yg@mail.gmail.com> <5470A912.2080801@gmail.com> <CAJFsZ=rvcyoP+Op7EG01kkJyMM72mwg=sicPHF5fVdRbYceApw@mail.gmail.com> <5471272F.4090506@gmail.com> <CAJFsZ=pzNw6mk1aQZvLJ8CvAe-hv4EQA5Fu6g4Ewcf3kok=NyA@mail.gmail.com>
On 11/23/2014 3:26 AM, Bill Bogstad wrote: > If they did something that Microsoft hadn't requested then I'm pretty > sure somebody would both notice AND care. This is all in the context > of attacking the security of Internet communications via a MITM > attack. If Microsoft (one of the two parties communicating > in this example) authorized it, then it isn't MITM. Whether it Ahh. I see what you mean, now. Your argument, that because Microsoft /did/ authorize MarkMonitor to act as an intermediary makes any interception not MITM since it's not an unauthorized party listening in, has merit. But then, the NSA is authorized by law to do the same thing. Right now, almost the entirety of Internet communications is controlled by a handful of corporate entities which have even more power than the NSA to eavesdrop on communications. The biggest concern that I have isn't that MarkMonitor and its competitors will eavesdrop. It's that they'll receive national security letters ordering them to shut everything down. -- Rich P.
- Follow-Ups:
- [Discuss] root CA bloat
- From: bogstad at pobox.com (Bill Bogstad)
- [Discuss] root CA bloat
- References:
- [Discuss] free SSL certs from the EFF
- From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] free SSL certs from the EFF
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] free SSL certs from the EFF
- From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] free SSL certs from the EFF
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] root CA bloat
- From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] root CA bloat
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] root CA bloat
- From: bogstad at pobox.com (Bill Bogstad)
- [Discuss] root CA bloat
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] root CA bloat
- From: bogstad at pobox.com (Bill Bogstad)
- [Discuss] root CA bloat
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] root CA bloat
- From: bogstad at pobox.com (Bill Bogstad)
- [Discuss] free SSL certs from the EFF
- Prev by Date: [Discuss] root CA bloat
- Next by Date: [Discuss] root CA bloat
- Previous by thread: [Discuss] root CA bloat
- Next by thread: [Discuss] root CA bloat
- Index(es):
