[Ach] heads up: concerning PKIs
David Durvaux
david.durvaux at gmail.com
Mon Dec 16 22:23:12 CET 2013
We need to keep a good todo of what we will add to v2 ;)
Otherwise we will forget :-D.
2013/12/16 L. Aaron Kaplan <kaplan at cert.at>
> Hi,
>
> I am currently going through the whole document and we are still missing
> the PKI section. But since we are nearing a deadline for releasing the
> document to reviewers -- unless more text comes until tonight, I am
> considering adding this sentence to the disclaimer:
>
>
> This guide does not talk about the well-known insecurities of trusting a
> public-key infrastructure (PKI)\footnote{Interested readers are referred to
> \url{https://bugzilla.mozilla.org/show_bug.cgi?id=647959} or
> \url{
> http://www.heise.de/security/meldung/Der-ehrliche-Achmed-bittet-um-Vertrauen-1231083.html}
> (german)
> which brings the problem of trusting PKIs right to the point}. Nor does
> this text explain how to run your own Certificate Authority (CA).
>
>
> A general remark: in the meetings we said a couple of times that we will
> add sections and see if they get filled up.
> If not, then we will add it in version 2. No problem. We can't achieve
> everything at once. All of us are aware of this. So, no stress please. I'd
> rather have less but at a higher quality (than now) and extend the topics
> covered later.
>
> a.
>
>
> ---
> // L. Aaron Kaplan <kaplan at cert.at> - T: +43 1 5056416 78
> // CERT Austria - http://www.cert.at/
> // Eine Initiative der nic.at GmbH - http://www.nic.at/
> // Firmenbuchnummer 172568b, LG Salzburg
>
>
>
>
>
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
>
>
--
David DURVAUX
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20131216/d5d0da3a/attachment.html>
More information about the Ach
mailing list