[SSL Observatory] Perspectives on Convergence of EFF, EPIC, SSL, TOR, NSA, ET CETERA
Jacob Appelbaum
jacob at appelbaum.net
Thu Nov 3 19:29:56 PDT 2011
- Previous message: [SSL Observatory] Perspectives on Convergence of EFF, EPIC, SSL, TOR, NSA, ET CETERA
- Next message: [SSL Observatory] Perspectives on Convergence of EFF, EPIC, SSL, TOR, NSA, ET CETERA
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
On 11/03/2011 07:16 PM, Phillip Hallam-Baker wrote:
> On Thu, Nov 3, 2011 at 9:35 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
>
>> On 11/03/2011 05:27 PM, Phillip Hallam-Baker wrote:
>>> People who throw stones...
>>>
>>> Seems to me that EFF and Moxie have been holding everyone else to a
>> certain
>>> standard these past few months.
>>>
>>> I don't think that either would accept 'recognized and acknowledged' as
>> an
>>> excuse.
>>>
>>>
>>> In the case of Convergence the site does not say a blessed thing about
>> the
>>> proposal. Not a squeak, not a sausage. It is pure marketing glitz with
>>> fancy graphics but no substance.
>>>
>>
>> If someone is going to accuse an open source project of being a backdoor
>> they could at least link to the offending code.
>>
>
> If someone is going to claim that there are '650 CAs' then they could at
> least ask why the DFN root has 200 intermediates chained and if they are
> actually CAs as being claimed.
>
This is a pretty conservative number - consider that Dan Kaminsky often
says the number is around ~1600 - what's the correct number?
Additionally, I believe you are mistaken about such a quote from me. I
did a quick search and found articles that cite the EFF and also quote
me - the EFF citation is not a quote from me - I don't work for the EFF.
> EFF has been mighty economical with the truth of late. I have been pretty
> sick of it to tell the truth. The 650 CAs claim was garbage, they know it
> is garbage but you keep on repeating it to the press as fact.
>
How many CAs exist today that can sign a certificate and then that
certificate will be accepted as valid?
> Well now they are having problems being believed and I am afraid that I
> can't actually vouch for their honesty any more.
>
This is a diversion. The person behind this slander says that they're
writing backdoors - it's a pretty different thing from what you're
saying, which is that you disagree with their counting methods.
One is a matter of methodology and the other integrity. I'm sure someone
from the EFF will chime in here and I welcome that discussion.
>
>
>> This rumor is a bunch of bullshit and I can't believe it spilled onto
>> this list too.
>>
>
> The Iranian government runs a Warez site filled with all sorts of software
> that is not legally for sale in Iran.
Citation please.
>
> It is all free and all larded up with backdoors.
Citation please.
>
> So I would not discount the possibility of there being IRG versions of Tor
> in circulation. In fact it seems rather likely that they have done that
> already.
What do you base this on? We'd love to see a sample - feel free to send
us some evidence.
In any case, I hardly see what any of this has to do with the
allegations from the parent post. It appears to be slander with
absolutely no factual backing.
All the best,
Jake
- Previous message: [SSL Observatory] Perspectives on Convergence of EFF, EPIC, SSL, TOR, NSA, ET CETERA
- Next message: [SSL Observatory] Perspectives on Convergence of EFF, EPIC, SSL, TOR, NSA, ET CETERA
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Observatory
mailing list