Re: [TLS] Proposing CAA as PKIX Working Group Item
Geoffrey Keating <geoffk@geoffk.org> Sun, 05 June 2011 08:45 UTC
Return-Path: <geoffk@geoffk.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E4E021F8491; Sun, 5 Jun 2011 01:45:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id acJVPe3Mjbum; Sun, 5 Jun 2011 01:45:00 -0700 (PDT)
Received: from dragaera.releasedominatrix.com (dragaera.releasedominatrix.com [216.129.118.138]) by ietfa.amsl.com (Postfix) with ESMTP id D47D121F8490; Sun, 5 Jun 2011 01:45:00 -0700 (PDT)
Received: by dragaera.releasedominatrix.com (Postfix, from userid 501) id C0CB333D18D; Sun, 5 Jun 2011 08:44:58 +0000 (UTC)
Sender: geoffk@localhost.localdomain
To: Yoav Nir <ynir@checkpoint.com>
References: <E1QSKXu-0000S2-2s@login01.fos.auckland.ac.nz> <81856AC0-F6FB-4321-93FE-559D5C5E2743@checkpoint.com>
From: Geoffrey Keating <geoffk@geoffk.org>
Date: Sun, 05 Jun 2011 01:44:58 -0700
In-Reply-To: <81856AC0-F6FB-4321-93FE-559D5C5E2743@checkpoint.com>
Message-ID: <m28vtgfz05.fsf@localhost.localdomain>
Lines: 24
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.4
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: "pkix@ietf.org" <pkix@ietf.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Proposing CAA as PKIX Working Group Item
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Jun 2011 08:45:01 -0000
Yoav Nir <ynir@checkpoint.com> writes: > Yoav Nir <ynir@checkpoint.com> writes: > >> In late 2008, when some researchers got RapidSSL to sign a certificate >> request that collided with their rogue sub-CA certificate, several things >> came to light: >> - They were a ridiculously small company, with the only full-time employee. >> An accountant ... > I'm not sure where I've read it. Probably some blog entry about the incident. Not Bruce Schneier's because his entries are still online. > > Anyway, checking the data for now, Business Week has this: > http://investing.businessweek.com/research/stocks/private/people.asp?privcapId=20888814 > > It lists two "key executives", VP Marketing and VP Sales and no CEO/President. Click their links, and both have other jobs at Globalsign and other companies. > > The key issue is the total lack of in-house expertise. Late in 2008, it wasn't RapidSSL that switched to MD5. Verisign did it for them: > http://www.thetechherald.com/article.php/200852/2708/VeriSign-replaces-RapidSSL-certificates RapidSSL is owned by GeoTrust which at the time was owned by VeriSign (thus the press release), and now by Symantec. It wouldn't surprise me if RapidSSL itself has no employees at all. I don't think Business Week's data is reliable in this case.
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Peter Gutmann
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Michael D'Errico
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Yoav Nir
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Phillip Hallam-Baker
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Yoav Nir
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Marsh Ray
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Phillip Hallam-Baker
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Peter Gutmann
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Marsh Ray
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Yoav Nir
- Re: [TLS] Proposing CAA as PKIX Working Group Item Geoffrey Keating
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… koichi sugimoto
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Peter Gutmann
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Yoav Nir
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Yoav Nir
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Peter Gutmann
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Yoav Nir
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Peter Gutmann
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Phillip Hallam-Baker
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Phillip Hallam-Baker
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Marsh Ray
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Martin Rex
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Yoav Nir
- Re: [TLS] [pkix] Proposing CAA as PKIX Working Gr… Tom Gindin