cryptology Ralf on 04 Jan 2006 02:47 pm
Peter Gutmann is funny
Catching up with the mailing lists i’m subscribed to, I came across the following absolutely hilarious commentary by Peter Gutmann; a postscript to the endless discussions on the brokenness of the trust model of X.509 certificates.
From: Peter Gutmann
Date: December 31, 2005 1:49:21 AM GMT+01:00
To: cryptography@metzdowd.com, perry@xxxxxxxxx.com
Subject: Re: ADMIN: end of latest SSL discussion
Perry E. Metzger writes:
The latest round of “SSL and X.509 certs in browsers are broken” has gone on too long.
It’s been a good start though. The first step towards recovery is admitting that you have a problem…
Hi. My name is Peter and I have an X.509 problem. Initially it was just small things, a little PKI after lunch, maybe a digital ID after dinner and a small CRL as a nightcap. Then I discovered OCSP, and started combining low-and high-assurance certificates. It just got worse and worse. In the end I was experimenting with cross-certifying CAs and even freebasing trust anchors. One morning I woke up in bed next to a giant lizard wearing a Mozilla t-shirt and knew I had a problem.
It’s now been six weeks since my last PKI…
Peter.
Leave a Reply
You must be logged in to post a comment.
