CDR: Info on Sun key compromise?
Alex B. Shepardsen
abs at squig.org
Mon Oct 30 21:40:47 PST 2000
Perhaps this will clue users into the fact that they need to be vigilant
about monitoring the trusted roots in their browsers.
Perhaps this will clue the browser vendors into the fact that there needs
to be a revocation distribution method for compromised certificates.
Perhaps this will clue the CAs and other trusted root holders into the
fact that they need to protect their roots.
Or perhaps I ask too much from an industry accustomed to doing so little.
Alexandra
On Mon, 30 Oct 2000, Lucky Green wrote:
> Does anybody on this list have details about the key compromise Sun
> experienced? See http://www.securityfocus.com/bid/1851
>
> AFIK, this is the first published private key compromise of a major
> vendor. How did it happen?
>
> Thanks,
> -- Lucky Green <shamrock at cypherpunks.to> PGP encrypted email preferred.
>
More information about the cypherpunks-legacy
mailing list