On Tue, Jan 06, 2009 at 09:08:56PM -0800, Walt Pawley wrote: > At 12:31 PM -0700 1/6/09, Chad Perrin wrote: > > >On the other hand, I don't trust Verisign, either. > > What's to trust? If you pay them, you "in."
Exactly. That's why I -- as the guy sitting in front of the *browser* -- don't trust Verisign to do my authentication and authorization thinking for me. There's at minimum a potential for conflict of interest there, in addition to the likelihood (now realized, in the form of leveraging MD5 to crack Verisign cert authenticity) of bureaucratic incompetence producing disaster entirely by accident. -- Chad Perrin [ content licensed OWL: http://owl.apotheon.org ] Quoth James Madison: "If Tyranny and Oppression come to this land, it will be in the guise of fighting a foreign enemy."
pgpRVzc9D763z.pgp
Description: PGP signature
