Ometre fins al contingut.
Menú de Sympa

cacert - Re: [CA cert] Re: An apology and an announcement

Assumpte: A better approach to security

Arxiu de la llista

Re: [CA cert] Re: An apology and an announcement


Cronològic Discusió 
  • From: Duane <duane AT cacert.org>
  • To: A better approach to security <cacert AT lists.cacert.org>
  • Subject: Re: [CA cert] Re: An apology and an announcement
  • Date: Wed, 11 Aug 2004 09:51:41 +1000
  • List-archive: <http://lists.cacert.org/mailman/private/cacert>
  • List-id: A better approach to security <cacert.lists.cacert.org>
John A. Martin wrote:

Circa 1991-1993, when the Jolitzes were doing 386BSD and Linus was on
the MINIX newsgroup, and even later, a lot of folk became worried about
the prospect of Operating Systems produced outside of responsible
Corporations or Academic Institutions becoming widely available and
used on inexpensive hardware.

Little bit different of a situation, a PKI CA by it's very nature is centralised, while efforts have been under taken to decentralise this process as much as possible, it simply isn't possible to a large extent, now computers running operating systems is a very decentralised thing. As I stated, in this particular instance, not in general, I can see how trying to decentralise things at this point in time isn't the best move politically as it could cause everyone to become untrusted. We're very much in a political environment, and lobbying vendors for inclusion, if 100 other groups suddenly popped up tomorrow all doing the same, the vendors would tell them to go get webtrust certified and ignore any efforts they were applying to get included because the signal to noise ration would be high...

My concerns lie in the fact that if 100 CAs were to suddenly exist tomorrow all using similar documents and the same code base nobody would know who to trust and nobody would be able to say with any certainty which were adhering to the CPS' presented on their websites, and the end result is none of them would be trusted. So while competition can be healthy in some cases I can see how it could also be destructive as well in this particular instance.

--

Best regards,
 Duane

http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://happysnapper.com.au - Sell your photos over the net!
http://e164.org - Using Enum.164 to interconnect asterisk servers

"In the confrontation between the stream and the rock, the
stream always wins; not through strength, but through persistence."


Arxiu generat per MHonArc 2.6.16.

Part superior de la pàgina