Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] OpenNIC support on CloudFlare

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] OpenNIC support on CloudFlare

Chronological Thread 
  • From: staticsafe <me AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] OpenNIC support on CloudFlare
  • Date: Mon, 23 Sep 2013 10:15:37 -0400

On 9/22/2013 23:33, John David Galt wrote:
On 2013-09-22 20:17, Coyo wrote:
Verisign is a very influential company. They operate many of the root
DNS servers for the entirety of the Internet, they are one of the most
critical of the Certificate Authorities.

People trust their Internet privacy and security to this company every
second of every day.

This company has abused that trust innumerable times.

They're not the only ones. Many nasty governments, as well as too-nosy
companies, have been given the status of Certificate Authority, and
nobody has yet published a list of who the CAs really are, so as it
stands, SSL should be considered completely compromised.

What we need is either a new, web-of-trust protocol, or at the least a
new, trustworthy SSL authority that can take the place of all the ones
we have now.

If that means that traffic from spy-ridden countries starts being
blocked by one site after another, so much the better.

DNSSEC + DANE [0] may be the answer.

[0] -
O< ascii ribbon campaign - stop html mail -
Please don't top post. It is not logical.
Please don't CC me! I'm subscribed to whatever list I just posted on.

Archive powered by MHonArc 2.6.19.

Top of Page