nationwide interception of Facebook & webmail login credentials in Tunisia

Richard W.M. Jones rich at
Wed Jan 26 19:24:25 GMT 2011

On Wed, Jan 26, 2011 at 01:24:26PM +0000, Brian Morrison wrote:
> True, but are any CAs already present *really* more trustworthy than
> the others? I suspect not.

I think this gets to the nub of it.  There's literally no criterion
for trusting a CA except that I set it up myself (and even then I'm
suspicious :-)  Why wouldn't the NSA have the private keys used by
Verisign?  I'd actually consider them to be failing in their job if
they *hadn't* got them.


Richard Jones
Red Hat

More information about the ukcrypto mailing list