[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [saag] [Cfrg] Further MD5 breaks: Creating a rogue CAcertificate
--On Thursday, January 08, 2009 08:23:55 PM +1300 Peter Gutmann
Jeffrey Hutzelman <jhutz@xxxxxxx> writes:
Perhaps a solution to this is a new model.
A good start...
which for a fee provides
... and it just failed right there.
Perhaps, but it's fairly well essential. That fee is the basis for the
trust anchor provider's contractual obligation to the end user. Drop that,
and the whole thing falls apart.
Note that charging a fee for this service is not absurd. Lots of people
(consumers) pay fees for up-to-date lists of virus signatures, phishing
sites, spam-blocking rules, and so on.