Harald Koch <c...@pobox.com> writes: > On 3/23/2011 11:05 PM, Martin Millnert wrote: >> To my surprise, I did not see a mention in this community of the >> latest proof of the complete failure of the SSL CA model to actually >> do what it is supposed to: provide security, rather than a false sense >> of security. > > This story strikes me as a success - the certs were revoked > immediately, and it took a surprisingly short amount of time for > security fixes to appear all over the place.
But revocation doesn't work, and people don't install updates, so this is only a *theoretical* success. -- Leif Nixon - Security officer National Supercomputer Centre - Swedish National Infrastructure for Computing Nordic Data Grid Facility - European Grid Infrastructure
