[AusNOG] Lets Encrypt
Nick Savvides
Nick_Savvides at symantec.com
Wed Nov 19 16:21:28 EST 2014
Personally I remove or mark as untrusted CAs that I don’t think I have valid reason to work with from systems I manage.
Unfortunately you cannot do this on Apple iOS.
Nick.
-------------------------------------------------------
Nick Savvides, Senior Principal Systems Engineer (Security)
nick_savvides at symantec.com, Mobile: +61 434 600 870
> On 19 Nov 2014, at 11:40 , Mark Newton <newton at atdot.dotat.org> wrote:
>
>
> On Nov 19, 2014, at 10:42 AM, Alex Samad - Yieldbroker <Alex.Samad at yieldbroker.com> wrote:
>
>> Would you trust a CA who gave our certs to any one ?
>
> Verisign/Thawte have been giving certs to just anyone for years.
>
> Your browser trusts hundreds (thousands?) of CAs, some of which are owned or controlled by hostile foreign governments. Just sayin’.
>
> - mark
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7769 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20141118/58b7c004/attachment.bin>
More information about the AusNOG
mailing list