@4Dgifts It is a hyperbolic way of saying 'PGP is deeply flawed we need to push for much better solutions'.
@tqbf @4Dgifts @matthew_d_green @bleidl I hate DNSSEC and all but it is really starting to feel like the lesser of all evils
-
-
@4Dgifts@tqbf@matthew_d_green@bleidl the X.509 PKI is worse -
@bascule@4Dgifts@matthew_d_green@bleidl Are you sure about that? Or do you just not like ASN.1? -
@tqbf@4Dgifts@matthew_d_green@bleidl tying authentication to the naming system is the right architectural decision, at least… -
@bascule@tqbf@4Dgifts@matthew_d_green S/MIME + DANE means you trust your email provider to behave honestly, right? -
@bleidl@tqbf@4Dgifts@matthew_d_green yes, you have to trust your mail provider/“gateway”. But Google can already read my GMail… -
-
@matthew_d_green@bleidl@tqbf@4Dgifts sure, your ISP can give out fake keys and MitM you in this model. Got a better solution? - 6 more replies
New conversation -
-
-
@bascule@4Dgifts@matthew_d_green@bleidl I don’t believe you really think that. -
@tqbf@4Dgifts@matthew_d_green@bleidl if X.509 name constraints actually worked I’d have a different opinion. But they’re horribly broken
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.