The most infuriating thing about certificates isn't how hopelessly broken the CA model is, but how *needlessly* broken it is.
@fanf @SteveBellovin @demize95 @mattblaze DNSSEC does require extra round-trips as a validating client.
-
-
@colmmacc@SteveBellovin@demize95@mattblaze You can get all the records in 1 RTT (or 2 for an out-of-zone CNAME) http://www.ietf.org/mail-archive/web/dnsext/current/msg13540.html …Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.