[Cryptech Tech] The cert for cryptech.is
Rob Austein
sra at hactrn.net
Sat Mar 29 17:57:51 UTC 2014
At Sat, 29 Mar 2014 18:14:24 +0100, Jakob Schlyter wrote:
> On 29 mar 2014, at 17:48, Leif Johansson <leifj at sunet.se> wrote:
>
> > however since tlsa-support is not likely to appear any time soon
> > in browsers we are back to Joachims point: can we both sell
> > cryptech and rage against the CAs at the same time or should we
> > suck it up and buy the required bits?
It's not just rage against the CA business, wretched though it might
be. It's handing a third party the ability to launch MITM attacks.
> or just fetch a free one from StartSSL, who is WebTrust audited.
Still a third party, although perhaps a less offensive third party.
More information about the Tech
mailing list