Are Some CAs Too Big To Fail? 163
Trailrunner7 writes "In the wake of this weekend's revelations of the seriousness of the attack on certificate authority DigiNotar, security experts have renewed criticism of the Internet's digital certificate infrastructure, with some wondering if larger certificate authorities (CAs) might be too big to fail. Would Mozilla and Microsoft and Google have revoked trust in root certificates from VeriSign or Thawte had they been compromised? Unlikely. 'It's not a simple matter of removing certificates from a database, because they're not in any databases,' says researcher Moxie Marlinspike, who presented an alternative approach to the current SSL infrastructure last month at DEFCON. 'We may never track them all down.'"
User ignorance (Score:4, Insightful)
Too big to fail... (Score:5, Insightful)
Re:Too big to fail... (Score:2, Insightful)
Both Democrats and Republicans (and even Tea Partiers, from what I've seen....) are for big government. The argument is what part of the government should be big.
We compromise by making both sides big.