[Dshield] 0wnlng Windows machines

Tony Earnshaw tonni at hetnet.nl
Wed Feb 28 03:19:56 GMT 2007


Tomas L. Byrnes wrote, on 27. feb 2007 20:20:

[...]

> PKI would have worked/could work much better if it were tied to the
> banking system. Banks have very good reasons for verifying the
> identities of their customers, and you can always track people back to
> their money.
> 
> This is the idea behind www.indetrust.com

"Firefox can't find the server at www.indetrust.com"

With the rest of your comments I'm, in principle, in utter agreement. 
Thawte was fine when it was Thawte and I used it. Since then there's 
been the famous example of the Microsoft cert being issued by the 
nefarious Verisign to the glib non-Microsoft social engineer. There are 
possibly other examples we haven't been told about.

As for my bank, ING Bank, I have no idea which CA it uses, but it's 
accepted as-is by Firefox. ING Bank is pretty security conscious and 
would beat most other European and US banks at security hand over fist. 
And it shepherds my money, making a vast profit last quarter at very 
little or no cost to me. I wouldn't mind finding out how it does things 
PKI-wise, and likely I'll find out in the near future.

--Tonni

-- 
Tony Earnshaw
Email: tonni at hetnet dot nl


More information about the list mailing list