Re: not really pgp signing in van
Phillip Hallam-Baker <hallam@gmail.com> Tue, 10 September 2013 22:50 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAE4E11E81CA for <ietf@ietfa.amsl.com>; Tue, 10 Sep 2013 15:50:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B95XQQN4ToKh for <ietf@ietfa.amsl.com>; Tue, 10 Sep 2013 15:50:05 -0700 (PDT)
Received: from mail-lb0-x236.google.com (mail-lb0-x236.google.com [IPv6:2a00:1450:4010:c04::236]) by ietfa.amsl.com (Postfix) with ESMTP id 859D411E811D for <ietf@ietf.org>; Tue, 10 Sep 2013 15:50:03 -0700 (PDT)
Received: by mail-lb0-f182.google.com with SMTP id c11so6890731lbj.13 for <ietf@ietf.org>; Tue, 10 Sep 2013 15:50:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=7VRRV9yUyLJRrIBEDBosqosH/X37Cwx5HBsr8ldUk9s=; b=H0HXuNQ4ZvZ2CPdqogsUB3PqYyiFVW52LlXxF3wfVk7ZCyZqW2uAIXCwEio2+rH1VT kpnt4I/vTPcbBltRgJRaVnw5/AWg34+cWpE+qZp9LCNJYm0OL4cpAuHnAPU5f+nsnhDo 0FizCcogMV7iOvB0h8cPwCjhC8otck7ewTZ+Zbr1J/d0+J4E9lZXVTXTSvBqIj48PgxX w68eGpOL0mVO7XiXGUMiVr3qQyfMh1QKm4sPGo4j6QdogYUdXZCYXu0/vbu4w07QuwKt vhvSJVYtjG4i4P8kGpwNRP7JfrJ1VfYRNhq2UNRnu0Vpl4F2W4vmGbzIEDrmuT9pERGe k8uA==
MIME-Version: 1.0
X-Received: by 10.112.52.225 with SMTP id w1mr87107lbo.31.1378853402433; Tue, 10 Sep 2013 15:50:02 -0700 (PDT)
Received: by 10.112.148.165 with HTTP; Tue, 10 Sep 2013 15:50:02 -0700 (PDT)
In-Reply-To: <B27CD2F3-D71E-446A-9166-AC05B49718F4@nominum.com>
References: <20130910010719.33978.qmail@joyce.lan> <8D23D4052ABE7A4490E77B1A012B63077527E234@mbx-01.win.nominum.com> <alpine.BSF.2.00.1309092125360.34090@joyce.lan> <8D23D4052ABE7A4490E77B1A012B63077527E488@mbx-01.win.nominum.com> <CAMm+LwhZ9OKesZW+kFct5Gps6_JBzcNUUBQ-y5J21zMcxmL6EQ@mail.gmail.com> <241D1DD6-C096-49D6-A05B-33638846BF15@nominum.com> <CAMm+LwhhUzDX=AaJXSCkqJofHQ9ZiN11GmCw-reO0OPmNC4fyA@mail.gmail.com> <E2ECE63C-D8E4-4A5A-BEA3-295C027D0E71@nominum.com> <alpine.BSF.2.00.1309101745410.46654@joyce.lan> <B27CD2F3-D71E-446A-9166-AC05B49718F4@nominum.com>
Date: Tue, 10 Sep 2013 18:50:02 -0400
Message-ID: <CAMm+LwiDCA1-KCm_Sj757Ty67qn1y0QFNoCd76qMxTAhOMXj7w@mail.gmail.com>
Subject: Re: not really pgp signing in van
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Ted Lemon <Ted.Lemon@nominum.com>
Content-Type: multipart/alternative; boundary="001a11c3fe903fde0304e60f5389"
Cc: John R Levine <johnl@taugh.com>, "<ietf@ietf.org>" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Sep 2013 22:50:06 -0000
On Tue, Sep 10, 2013 at 6:06 PM, Ted Lemon <Ted.Lemon@nominum.com> wrote: > On Sep 10, 2013, at 5:47 PM, John R Levine <johnl@taugh.com> wrote: > > How likely is it that they would risk their reputation and hence their > entire business by screwing around with free promo S/MIME certs? > > I don't know. What happens if they are served with an NSL? Well I do not have access to the operational side of Comodo so I do not have direct knowledge. However I have no need of the money so if I had knowledge of an NSL that I found unconscionable then I would stop working for them. > I certainly don't think they'd *choose* to do anything like this, but > what if it's that or jail? Remember, we know of at least one case of a > business owner being threatened with jail because he closed his business > rather than do precisely what we are discussing. > I don't think an NSL can require me to work for a company and since I am a foreign national I am not obliged to live in the country. Low level government functionaries rarely attempt goon tactics on people who are relatives of cabinet ministers and have personal friends on both front benches in parliament. > Remember too that the NSL doesn't even have to be served to the CEO—it > could as easily be served to a geek on staff. It's horrible to > contemplate that such a thing might happen, but based on what we know at > this point, it's not unreasonable to include this in our risk model. It > is _definitely_ not in the tin foil hat zone anymore. > Could be but I have been working through what we know versus what would be required and I really can't see how a group of people who would let Snowden loose on their innermost secrets would be able to keep a conspiracy that required CAs or Gmail staff or the like to participate on the scale required. All they would need to achieve the results as we know them from PRISM is the knowledge of where the fiber optic cables run and a large back hoe. -- Website: http://hallambaker.com/
- Re: pgp signing in van Scott Kitterman
- Re: pgp signing in van Scott Kitterman
- Re: pgp signing in van Melinda Shore
- pgp signing in van Randy Bush
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Dave Crocker
- Re: pgp signing in van Scott Kitterman
- RE: pgp signing in van l.wood
- Re: pgp signing in van Russ Housley
- Re: pgp signing in van Michael Richardson
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Joe Touch
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Melinda Shore
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Melinda Shore
- Re: pgp signing in van Joe Touch
- Re: pgp signing in van Scott Kitterman
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Scott Brim
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Melinda Shore
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Melinda Shore
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Pete Resnick
- Re: pgp signing in van Theodore Ts'o
- Re: pgp signing in van Hector Santos
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Hector Santos
- Re: pgp signing in van John C Klensin
- Re: pgp signing in van Michael Richardson
- Re: pgp signing in van Michael Richardson
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Hector Santos
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Måns Nilsson
- RE: pgp signing in van l.wood
- Re: pgp signing in van Anshuman Pratap Chaudhary
- Re: pgp signing in van Måns Nilsson
- Re: pgp signing in van Brian Trammell
- Re: pgp signing in van Andrew Sullivan
- Re: pgp signing in van Cyrus Daboo
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Michael Richardson
- Re: pgp signing in van John Levine
- Re: pgp signing in van David Conrad
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Richard Barnes
- Re: pgp signing in van Scott Brim
- Re: [IETF] Re: pgp signing in van Warren Kumari
- What real users think [was: Re: pgp signing in va… Brian E Carpenter
- Re: pgp signing in van Dan York
- Re: What real users think [was: Re: pgp signing i… Dave Crocker
- Re: pgp signing in van Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Steve Crocker
- Re: What real users think [was: Re: pgp signing i… Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Dave Crocker
- Re: What real users think [was: Re: pgp signing i… Hector Santos
- Re: What real users think [was: Re: pgp signing i… Steve Crocker
- Re: pgp signing in van Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Brian E Carpenter
- Re: What real users think [was: Re: pgp signing i… John C Klensin
- Re: What real users think [was: Re: pgp signing i… Ted Lemon
- Re: pgp signing in van David Morris
- Re: What real users think [was: Re: pgp signing i… SM
- Re: What real users think [was: Re: pgp signing i… Dave Crocker
- Re: pgp signing in van Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Ted Lemon
- Re: not really pgp signing in van John Levine
- Re: not really pgp signing in van Ted Lemon
- Re: What real users think [was: Re: pgp signing i… John R. Levine
- Re: pgp signing in van Arturo Servin
- Re: not really pgp signing in van Scott Kitterman
- Re: What real users think [was: Re: pgp signing i… Phillip Hallam-Baker
- Re: not really pgp signing in van John Levine
- Re: What real users think [was: Re: pgp signing i… John Levine
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van John R Levine
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van John R Levine
- Re: What real users think [was: Re: pgp signing i… Fernando Gont
- Re: pgp signing in van Fernando Gont
- Re: pgp signing in van Ted Lemon
- Re: not really pgp signing in van Brian Trammell
- Re: pgp signing in van t.p.
- Re: not really pgp signing in van Måns Nilsson
- Re: pgp signing in van Ted Lemon
- the evil of html was Re: pgp signing in van t.p.
- Re: not really pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Paul Wouters
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van Phillip Hallam-Baker
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van Martin Thomson
- Re: not really pgp signing in van Phillip Hallam-Baker
- Re: not really pgp signing in van John R Levine
- Re: not really pgp signing in van manning bill
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van Theodore Ts'o
- Re: not really pgp signing in van Phillip Hallam-Baker
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van Yoav Nir
- was: not really pgp signing in van SM
- Re: was: not really pgp signing in van Phillip Hallam-Baker