- From: Marc Fawzi <marc.fawzi@gmail.com>
- Date: Tue, 24 Mar 2015 16:56:19 -0700
- To: Daniel Appelquist <appelquist@gmail.com>
- Cc: TAG List <www-tag@w3.org>
- Message-ID: <CACioZituT9C0HGzuzfO4yDpmjo6aBGO9mM1jVb2_FXX73Xsv=A@mail.gmail.com>
<<Defenders of the current system for acquiring and revoking TLS certificates have recently chafed in response to statements from this author <https://twitter.com/ivanristic/status/578536108662861824> that it's *hopelessly broken*. Besides remembering that almost all of these critics have a strong financial interest in the way the system works now >> What prevents a state spy agency from MITM-ing your HTTPS connection? Why don't you answer that? And why would you refer to the comment I made as "alarmist" (in dismissive tone, no less) given the situation is factually _alarming_? On Tue, Mar 24, 2015 at 12:42 PM, Daniel Appelquist <appelquist@gmail.com> wrote: > Excuse me? > > Marc – can you please refrain from making alarmist, nonsensical > flame-baiting comments like this on our mailing list? Probably this sort of > thing would be more sensibly expressed on Twitter or similar? > > Thanks, > Dan > > On 24 Mar 2015, at 16:47, Marc Fawzi <marc.fawzi@gmail.com> wrote: > > A classic "we told you so" moment for "HTTPS everywhere" promoters and now > state surveillance is baked into HTTP2.0 > > Sent from my iPhone > > On Mar 24, 2015, at 9:31 AM, Melvin Carvalho <melvincarvalho@gmail.com> > wrote: > > FYI: > > > http://arstechnica.com/security/2015/03/google-warns-of-unauthorized-tls-certificates-trusted-by-almost-all-oses/ > > > >
Received on Tuesday, 24 March 2015 23:57:27 UTC