mmm, petits filous (was Re: NTK now, 2005-02-04)

[R.A. Hettinga]

At 5:45 PM +0000 2/4/05, Dave Green wrote:
>                             mmm, petits filous
>
>         Everyone else likes to worry about Google's gathering
>         conflict of interests, but Verisign's S.P.E.C.T.R.E.-level
>         skills still take some beating. This week, orbiting crypto
>         analysts Ian Grigg and Adam Shostock belatedly pointed out
>         to ICANN that perhaps Verisign couldn't trusted with
>         .net. Why? Well, Verisign these days offers both top level
>         domains and SSL certificate authentication. They also, with
>         their NetDiscovery service - sell ISPs a complete service for
>         complying with law enforcement surveillance orders. So, if an
>         American court demands an ISP wiretap its customers, and the
>         ISP turns that order over to Verisign to do the dirty: well,
>         Verisign can now fake any domain you want, and issue any
>         temporary fake certificate, allowing even SSLed
>         communications to be monitored. What's even more fun is that
>         they are - at least in the US - now moving into providing
>         infrastructure for mobile telephony. Yes, NOT EVEN YOUR
>         RINGTONES ARE SAFE.
>         http://forum.icann.org/lists/net-rfp-verisign/msg00008.html
>                            - you know, this is probably a little late
>         http://iang.org/ssl/
>                             - but then, this is the year of the snail
>         http://www.thefeature.com/article?articleid=101334&ref=5459267
>                                  - stupid network vs stupider company

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'