

Fully-qualified Nonsense in the SSL Observatory - rohitt
https://www.eff.org/deeplinks/2011/04/fully-qualified-nonsense-ssl-observatory

======
pnathan
The SSL PKI appears to be well and truly riddled with holes.

By the way, do browsers check for certificate revokation and refuse to connect
to revoked sites?

I'm constantly amazed that ecommerce even functions. I'm glad it does, but
there just seem to be fairly fundamental _holes_ in the PKI to secure
ecommerce.

