The Electronic Frontier Foundation (EFF) mapped more than 650 organizations that can issue certificates which will be accepted, directly or indirectly, by Microsoft's Internet Explorer and Mozilla's Firefox. The EFF will soon launch the SSL Observatory Project, "an effort to monitor and secure the cryptographic infrastructure of the World Wide Web. There is much work to be done, and we will need the help of many parties to make the HTTPS-encrypted web genuinely trustworthy... Browsers trust a very large number of these CAs, and unfortunately, the security of HTTPS is only as strong as the practices of the least trustworthy/competent CA."

Monday, August 16, 2010
Network World