[Note: This comment comes from friend Steve Schear. DLH]
From: Steven Schear <firstname.lastname@example.org>
Subject: Re: [Dewayne-Net] Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs
Date: March 23, 2017 at 11:16:57 PM EDT
Notice how we never got opportunistic encryption of websites via self-signed certificates because any time someone tried to do it a NSA operative would find just the right way to trigger everyone’s paranoia and provoke everyone into focusing on the key distribution problem instead of looking at the big picture: how active MiTM attacks are more expensive than passive monitoring.
Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs
Chrome to immediately stop recognizing EV status and gradually nullify all certs.
By Dan Goodin
Mar 23 2017