A non-profit organisation has brought together a team of experts to tackle SSL governance and implementation issues and promote best practice. The Trustworthy Internet Movement (TIM) is convening a task force that includes Taher Elgamal, one of the creators of the SSL protocol; Moxie Marlinspike, creator of Convergence; Ivan …
"It has set itself the tough task of fixing both the SSL and Certificate Authority (CA) ecosystems."
It certainly does - I thought it was blindingly clear to everyone by now that the "CA ecosystem" simply does not work. The fundamental basis of it is too easy to get wrong and/or break.
don't entirely agree
CA's are vulnerable like any other entity. What we need are stronger punishments for CA's that flout the rules deliberately and the removal of any SSL scheme that doesn't involve real identity verification. There is really no reason why all SSL certs for websites are not required to go through the EV process before issuing.
- The land of Milk and Sammy: Free music app touted by Samsung
- The long war on 'DRAM price fixing' is over: Claim YOUR spoils now (It's worth a few beers)
- Privacy warriors lob sueball at Facebook buyout of WhatsApp
- 20 Freescale staff on vanished Malaysia Airlines flight MH370
- Dell thuds down low-cost lap workstation for
cheapfrugal creatives or engineers