“The CA system is broken, but it works because broken systems tend to be better for society, which needs fluidity in the face of complicated social constructs,” Schneier said. “Systems that are broken but work are very common in the real world: Front door locks are surprisingly pickable. Think of faxed signatures, for example. It’s a ridiculous form of authentication, yet people trust these documents all the time for very important stuff.”

Link: Researchers Hack Internet Security Infrastructure

Related posts:

• Exchange 2010 FAQ: Are Wildcard SSL Certificates Supported?
• Exchange SSL Certificate Management Survey
• Exchange Server 2010 POP3: Securing POP3 Client Remote Access
• Email Fundamentals: What is an Open Relay?
• Exchange 2010: How to Grant Send on Behalf Permissions for a Distribution Group

This article Bruce Schneier on Certificate Authorities is © 2008 ExchangeServerPro.com

Get more Exchange Server tips at ExchangeServerPro.com