[LINK] RFC: Could CAs Be Eavesdropping on Their Clients?

Philip Argy pargy at argystar.com
Sat Aug 14 20:01:46 AEST 2010

What's more, the terms and conditions of most certificates are full of
disclaimers, including gems such as 'do not rely on this certificate for
authentication purposes'!!  WTF (a technical legal term for 'total failure
of consideration'!)

For amusement read the Ts and Cs of the next certificate you come across and
be afraid - be very afraid!


-----Original Message-----
From: link-bounces at mailman1.anu.edu.au
[mailto:link-bounces at mailman1.anu.edu.au] On Behalf Of Roger Clarke
Sent: Saturday, 14 August 2010 10:02
To: link at anu.edu.au; privacy at lists.efa.org.au
Subject: [LINK] RFC: Could CAs Be Eavesdropping on Their Clients?

The NYT story below says that Certificate Authorities (CAs) have 
proliferated to c. 650, and, worse than that, are out of control.

Here follows a quick analysis (off the top of the head, without 
research) on two key aspects of the points made in the article.  I'd 
be delighted if linkers can show me that my analysis is awry.

More information about the Link mailing list