On Thu, Aug 1, 2013 at 4:28 AM, Anthony wikimail@inbox.org wrote:
On Wed, Jul 31, 2013 at 5:59 PM, George Herbert george.herbert@gmail.comwrote:
The second is site key security (ensuring the NSA never gets your private keys).
Who theoretically has access to the private keys (and/or the signing key) right now?
The roots. https://meta.wikimedia.org/wiki/Sysadmins#List (was out of date last time I overhauled it, maybe it's being updated more regularly now)
The third is perfect forward security with rapid key rotation.
Does rapid key rotation in any way make a MITM attack less detectable? Presumably the NSA would have no problem getting a fraudulent certificate signed by DigiCert.
I'm not seeing the relevance. And we have the SSL observatory (EFF) fwiw.
We (society, standards making bodies, etc.) need to do more to reform the current SSL mafia system. (i.e. it should be easier for a vendor to remove a CA from a root store and we shouldn't have a situation where many dozens of orgs all have the ability to sign certs valid for any domain.)
I'm not sure how much we (Wikimedia) can do about that though.
-Jeremy