Re: [keyassure] publishing the public key
John Gilmore <gnu@toad.com> Tue, 15 February 2011 21:57 UTC
Return-Path: <gnu@toad.com>
X-Original-To: keyassure@core3.amsl.com
Delivered-To: keyassure@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7B6333A6AFF for <keyassure@core3.amsl.com>; Tue, 15 Feb 2011 13:57:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.412
X-Spam-Level:
X-Spam-Status: No, score=0.412 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_NJABL_RELAY=2.696, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rGtIgDlKqN5v for <keyassure@core3.amsl.com>; Tue, 15 Feb 2011 13:57:54 -0800 (PST)
Received: from new.toad.com (new.toad.com [209.237.225.253]) by core3.amsl.com (Postfix) with ESMTP id D22BD3A6AB9 for <keyassure@ietf.org>; Tue, 15 Feb 2011 13:57:54 -0800 (PST)
Received: from new.toad.com (localhost.localdomain [127.0.0.1]) by new.toad.com (8.12.9/8.12.9) with ESMTP id p1FLwFiR027918; Tue, 15 Feb 2011 13:58:15 -0800
Message-Id: <201102152158.p1FLwFiR027918@new.toad.com>
To: Henry Story <henry.story@bblfish.net>
In-reply-to: <4487480D-900D-4416-8437-583693908163@bblfish.net>
References: <201102141829.p1EITKHc009151@fs4113.wdf.sap.corp> <4487480D-900D-4416-8437-583693908163@bblfish.net>
Comments: In-reply-to Henry Story <henry.story@bblfish.net> message dated "Mon, 14 Feb 2011 20:07:04 +0100."
Date: Tue, 15 Feb 2011 13:58:15 -0800
From: John Gilmore <gnu@toad.com>
Cc: keyassure@ietf.org
Subject: Re: [keyassure] publishing the public key
X-BeenThere: keyassure@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <keyassure.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyassure>
List-Post: <mailto:keyassure@ietf.org>
List-Help: <mailto:keyassure-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Feb 2011 21:57:55 -0000
> I can't remember if in their presentation they tell us how many valid self > signed certs they found out there... According to Chris Palmer of EFF, the SSL Observatory found 7 million self-signed certs (and 4.3 million with other certs). But none of the self-signed certs were considered "valid self-signed certs" because the definition of "valid" was "with a valid signature chain, according to at least one browser", and of course browsers consider self-signed certs invalid. It appears that securing your web site with crypto is about three times as popular as obtaining a certificate from a certifying authority. So, providing a simple way in DNS for those 7 million web administrators to securely anchor their website's public keys to their domain names, without dealing with a certificate authority, would provide significant benefits to literally millions of people. John Gilmore
- Re: [keyassure] publishing the public key Henry Story
- [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Ilari Liusvaara
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Paul Hoffman
- Re: [keyassure] publishing the public key Paul Hoffman
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Martin Rex
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Martin Rex
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Scott Schmit
- Re: [keyassure] Issue #14 - publishing the public… Warren Kumari
- Re: [keyassure] Issue #14 - publishing the public… Paul Hoffman
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Paul Hoffman
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Ilari Liusvaara
- Re: [keyassure] publishing the public key Paul Hoffman
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Yaron Sheffer
- Re: [keyassure] publishing the public key Ilari Liusvaara
- Re: [keyassure] publishing the public key Yaron Sheffer
- Re: [keyassure] publishing the public key John Gilmore
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Phillip Hallam-Baker
- Re: [keyassure] publishing the public key Peter Gutmann
- Re: [keyassure] publishing the public key Peter Gutmann
- Re: [keyassure] publishing the public key Peter Gutmann
- Re: [keyassure] publishing the public key Peter Gutmann
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Phillip Hallam-Baker
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Paul Hoffman
- Re: [keyassure] publishing the public key Peter Gutmann
- Re: [keyassure] publishing the public key Phillip Hallam-Baker
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Peter Gutmann
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Paul Hoffman
- Re: [keyassure] publishing the public key Paul Wouters
- Re: [keyassure] publishing the public key Paul Hoffman
- Re: [keyassure] publishing the public key Phillip Hallam-Baker
- Re: [keyassure] publishing the public key Peter Gutmann
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Stephen Kent
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Stephen Kent
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Paul Hoffman
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Henry Story
- Re: [keyassure] publishing the public key Stephen Kent
- Re: [keyassure] publishing the public key Henry Story