[SSL Observatory] Diginotar broken arrow as a tour-de-force of PKI fail
Chris Palmer
snackypants at gmail.com
Mon Sep 12 20:08:05 PDT 2011
On Sep 12, 2011, at 4:28 AM, Rob Stradling wrote:
> A properly-designed mechanism is always a nice idea. But I'll take
> inelegently-patched-up OCSP if that's the best that all required parties can
> agree to.
OCSP's privacy and reliability/performance/availability problems are fatal. It's going to have to be something else.
More information about the Observatory
mailing list