Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

+ - Why Not Replace SSL Certificates With PGP Keys? 9

Submitted by vik
vik writes: The whole SSL process has been infiltrated by the NSA, GCSB and other n'er-do-wells. If governments want a man-in-the-middle certificate they simply issue a secret gagging order to the CA to make them issue one. Consequently "certified" SSL certificates can no longer be trusted. Ironically self-issued certificates are more secure, but not easily verified.

However, PGP/GPG keys can be trusted and independently verified. They are as secure as we can get for now. Why not replace the broken SSL CA system with GPG/PGP encryption keys? Make the NSA-infiltrated stuff obsolete, and rely on a real-world web of trust?

Comment: Re:Sigh (Score 3, Interesting) 429

by stinky wizzleteats (#37598488) Attached to: As a target for malware, my main computer is ...
Since forever. And one more thing. While we're on the subject of trolls, why do modern trolls utterly suck? In the 90's, trolling was high art. Slashdot trolls in particular were geniuses in the craft, weaving perfectly proportioned delicately scented masterpieces of intellectual turds and dropping them in perfectly chosen locations. Now, trolling has degenerated to the point that the word itself is misused to mean anyone who post something anyone doesn't like. Any random idiot can now be considered a troll. It's a fucking travesty. Trolling is NOT just annoying. It's careful, deliberate artwork. What happened to it?

Yes, we will be going to OSI, Mars, and Pluto, but not necessarily in that order. -- Jeffrey Honig

Working...