Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Dick Hardt (dicksxip.com)
Date: Fri Aug 08 2008 - 12:29:24 CDT
On 8-Aug-08, at 10:11 AM, Ben Laurie wrote:
> It also only fixes this single type of key compromise. Surely it is
> time to stop ignoring CRLs before something more serious goes wrong?
Clearly many implementors have chosen to *knowingly* ignore CRLs
despite the security implications, so my take away would be that the
current public key infrastructure is flawed.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/