[AusNOG] Lets Encrypt

Nick Savvides Nick_Savvides at symantec.com
Wed Nov 19 16:21:28 EST 2014


Personally I remove or mark as untrusted CAs that I don’t think I have valid reason to work with from systems I manage.

Unfortunately you cannot do this on Apple iOS.


Nick.
 
-------------------------------------------------------
Nick Savvides,  Senior Principal Systems Engineer (Security)
nick_savvides at symantec.com, Mobile: +61 434 600 870

> On 19 Nov 2014, at 11:40 , Mark Newton <newton at atdot.dotat.org> wrote:
> 
> 
> On Nov 19, 2014, at 10:42 AM, Alex Samad - Yieldbroker <Alex.Samad at yieldbroker.com> wrote:
> 
>> Would you trust a CA who gave our certs to any one ?
> 
> Verisign/Thawte have been giving certs to just anyone for years.
> 
> Your browser trusts hundreds (thousands?) of CAs, some of which are owned or controlled by hostile foreign governments.  Just sayin’.
> 
>  - mark
> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7769 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20141118/58b7c004/attachment.bin>


More information about the AusNOG mailing list