[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Wed, Jun 26, 2013 at 5:01 PM, bad apple wrote: > 2: SSL is a red herring - the relevant agencies already have all CA keys > through escrow or can force disclosure at will. Could you expand on this? For I believe that with the CA signing keys, which I assume the agencies to have access to, and with the ability to route traffic to your servers, which I assume the agencies to be able to do, you can make the vast majority of people believe that they are connecting to the real service. But some people will notice. And make a fuss. Mind you, they don't need to issue fake certificates if they are able to force these providers to install backdoors. Martijn. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq