Related link: http://news.com.com/2100-1029-5138447.html

There’s some kind of lesson for the computer industry lurking in this
story, but darned if I can figure it out.

Essentially, a bottleneck or single point of failure at one major site
(VeriSign) triggered a bottleneck or single point of failure at
another point (the millions of Norton anti-virus products installed on
people’s computers) and led to a massive denial of service.

There seems to be an issue with monocultures (the popularity of
VeriSign, although I don’t think they should be blamed for their own
popularity) and with the centralized architecture of certificate
authorities as a technology. I don’t suppose better caching would
work, because you can’t cache verification. You need to be verified by
an authoritative site.