|
|
|
|
|
|
by phaet0n
4710 days ago
|
|
|
> SSL is as save as the CA list used by the browser is. It really doesn't matter which CA you actually choose then. Which is why a _comprehensive_ history of when, how, and why CA root certs were added to various browsers, and the politicking behind it, would be quite illuminating. Recall it was only around 2000 when the US relaxed export restrictions somewhat on cryptographic software. [1] So given that sensitive fact, the policy, and architecture of systems such as browser security should be questioned, especially because a select few are making essentially free money selling green address bars. [1] http://en.wikipedia.org/wiki/Key_size#Symmetric_algorithm_ke... |
|
|