Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Submission + - Why Not Replace SSL Certificates With PGP Keys? 9

vik writes: The whole SSL process has been infiltrated by the NSA, GCSB and other n'er-do-wells. If governments want a man-in-the-middle certificate they simply issue a secret gagging order to the CA to make them issue one. Consequently "certified" SSL certificates can no longer be trusted. Ironically self-issued certificates are more secure, but not easily verified.

However, PGP/GPG keys can be trusted and independently verified. They are as secure as we can get for now. Why not replace the broken SSL CA system with GPG/PGP encryption keys? Make the NSA-infiltrated stuff obsolete, and rely on a real-world web of trust?

Slashdot Top Deals

"Stupidity, like virtue, is its own reward" -- William E. Davidsen

Working...