mmm, petits filous (was Re: NTK now, 2005-02-04)
R.A. Hettinga
rah at shipwright.com
Fri Feb 4 10:34:05 PST 2005
At 5:45 PM +0000 2/4/05, Dave Green wrote:
> mmm, petits filous
>
> Everyone else likes to worry about Google's gathering
> conflict of interests, but Verisign's S.P.E.C.T.R.E.-level
> skills still take some beating. This week, orbiting crypto
> analysts Ian Grigg and Adam Shostock belatedly pointed out
> to ICANN that perhaps Verisign couldn't trusted with
> .net. Why? Well, Verisign these days offers both top level
> domains and SSL certificate authentication. They also, with
> their NetDiscovery service - sell ISPs a complete service for
> complying with law enforcement surveillance orders. So, if an
> American court demands an ISP wiretap its customers, and the
> ISP turns that order over to Verisign to do the dirty: well,
> Verisign can now fake any domain you want, and issue any
> temporary fake certificate, allowing even SSLed
> communications to be monitored. What's even more fun is that
> they are - at least in the US - now moving into providing
> infrastructure for mobile telephony. Yes, NOT EVEN YOUR
> RINGTONES ARE SAFE.
> http://forum.icann.org/lists/net-rfp-verisign/msg00008.html
> - you know, this is probably a little late
> http://iang.org/ssl/
> - but then, this is the year of the snail
> http://www.thefeature.com/article?articleid=101334&ref=5459267
> - stupid network vs stupider company
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
More information about the cypherpunks-legacy
mailing list