More on certificate authority proliferation - Committee to Protect Journalists

1.0Committee to Protect Journalistshttps://cpj.orgDanny O'Brienhttps://cpj.org/author/dobrien/More on certificate authority proliferation - Committee to Protect Journalistsrich600338<blockquote class="wp-embedded-content" data-secret="xP0JhggtBo"><a href="https://cpj.org/2010/09/more-on-certificate-authority-proliferation/">More on certificate authority proliferation</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://cpj.org/2010/09/more-on-certificate-authority-proliferation/embed/#?secret=xP0JhggtBo" width="600" height="338" title="“More on certificate authority proliferation” — Committee to Protect Journalists" data-secret="xP0JhggtBo" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script type="text/javascript"> /* <![CDATA[ */ /*! This file is auto-generated */ !function(d,l){"use strict";l.querySelector&&d.addEventListener&&"undefined"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),o=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),c=new RegExp("^https?:$","i"),i=0;i<o.length;i++)o[i].style.display="none";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute("style"),"height"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):"link"===t.message&&(r=new URL(s.getAttribute("src")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",function(){for(var e,t,s=l.querySelectorAll("iframe.wp-embedded-content"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute("data-secret"))||(t=Math.random().toString(36).substring(2,12),e.src+="#?secret="+t,e.setAttribute("data-secret",t)),e.contentWindow.postMessage({message:"ready",secret:t},"*")},!1)))}(window,document); /* ]]> */ </script> Cryptographer Bruce Schneier linked to my Slate piece on rogue certificate authorities (CAs), which could allow governments like the UAE to monitor even the supposedly secure communications of journalists and others. The smart comments include a link to this fascinating discussion at Mozilla that shows the procedures that browser-makers use when deciding which certificates to…https://cpj.org/wp-content/uploads/2020/06/cpj-logo.png24001260