nationwide interception of Facebook & webmail login credentials in Tunisia
Richard W.M. Jones
rich at annexia.org
Wed Jan 26 19:24:25 GMT 2011
On Wed, Jan 26, 2011 at 01:24:26PM +0000, Brian Morrison wrote:
> True, but are any CAs already present *really* more trustworthy than
> the others? I suspect not.
I think this gets to the nub of it. There's literally no criterion
for trusting a CA except that I set it up myself (and even then I'm
suspicious :-) Why wouldn't the NSA have the private keys used by
Verisign? I'd actually consider them to be failing in their job if
they *hadn't* got them.
More information about the ukcrypto