back to article Elgamal, Marlinspike join dream team tackling SSL screw-ups

A non-profit organisation has brought together a team of experts to tackle SSL governance and implementation issues and promote best practice. The Trustworthy Internet Movement (TIM) is convening a task force that includes Taher Elgamal, one of the creators of the SSL protocol; Moxie Marlinspike, creator of Convergence; Ivan …

COMMENTS

This topic is closed for new posts.
Happy

CA ecosystem

"It has set itself the tough task of fixing both the SSL and Certificate Authority (CA) ecosystems."

It certainly does - I thought it was blindingly clear to everyone by now that the "CA ecosystem" simply does not work. The fundamental basis of it is too easy to get wrong and/or break.

0
0
Anonymous Coward

don't entirely agree

CA's are vulnerable like any other entity. What we need are stronger punishments for CA's that flout the rules deliberately and the removal of any SSL scheme that doesn't involve real identity verification. There is really no reason why all SSL certs for websites are not required to go through the EV process before issuing.

0
0
This topic is closed for new posts.

Forums