-
-
Replying to @randomoracle
@randomoracle@dakami@ericlaw The one used to sign that was revoked. But proper revocation is a nuclear option; once done, cannot be undone1 reply 0 retweets 0 likes -
Replying to @randomoracle
@randomoracle@dakami@ericlaw Yes, or until Sony requests it. Which they should have Day 1 upon discovering the compromise.2 replies 0 retweets 1 like -
Replying to @sleevi_
@sleevi_@randomoracle@ericlaw Again, you have to know what the consequences of a revocation would be. What if you break a bunch of PCs?1 reply 0 retweets 0 likes -
Replying to @randomoracle
@randomoracle@dakami@ericlaw Of course, this is why CA-mediated codesigning is sillypants and very much a MSFT-ism.2 replies 0 retweets 1 like -
Replying to @sleevi_
@sleevi_@randomoracle@dakami@ericlaw oops, got our X.509 extensions wrong and now Flame is signed by a non-codesigning intermediate? Oops1 reply 1 retweet 1 like -
Replying to @randomoracle
@randomoracle@bascule@sleevi_@ericlaw I wish I could say#PKI was well designed technology but we both know it isn't1 reply 0 retweets 1 like
@dakami @randomoracle @sleevi_ @ericlaw I still maintain X.500 is the root of all evil
-
-
Replying to @bascule
@bascule@randomoracle@sleevi_@ericlaw the root of X.509's evil is offline operation. Same thing with Chip and Pin. Online makes scale.0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.