http://www.php-security.net/ Odds and ends about PHP security en http://www.php-security.net/templates/default/img/s9y_banner_small.png http://www.php-security.net/ 100 21 http://www.php-security.net/archives/7-SSL-CA-Trust-relationships-and-the-future.html There&#8217;s a very good writeup by fellow security analyst Moxie Marlinspike in the ThreatPost blog that details the current issues with SSL and trust roots - and although a little short on actual mitigation ideas - pretty much nails all the problems that we currently have. As a little sugarcoating, he also dismantles the notion that DNSSEC is &#8220;our savior&#8221;.<br /> <br /> And there&#8217;s a clever little jab at GoDaddy. <img src="http://www.php-security.net/templates/GreenMile/img/emoticons/wink.png" alt=";-)" style="display: inline; vertical-align: bottom;" class="emoticon" /><br /> <br /> Go find the article <a href="https://www.threatpost.com/en_us/blogs/ssl-and-future-authenticity-041111">here at ThreatPost.</a>