CDR: Re: Public Key Infrastructure: An Artifact...
Ray Dillinger
bear at sonic.net
Mon Nov 20 11:40:47 PST 2000
On Mon, 20 Nov 2000 Lynn.Wheeler at firstdata.com wrote:
> as pure aside ... any SSL server certificate signed by any CA
> in my browser's CA list is acceptable.
>
> my browser makes no distinction on which CA signed what ...
> and/or even what they signed. If I get a certificate signed
> by any CA in my browser's list that says foo.bar ...
I think that one of the major problems with PKI is the "binary-ness"
of it. Everything gets shoveled into "acceptable" or "not acceptable"
at the end of the process, but I don't think it's appropriate in
trust decisions to have stuff shoveled into "acceptable" and "not
acceptable" piles at the very beginning.
We can't give a numeric score to the degree of trust we place in a
CA. There's no protocol for exchanging information about breaches
in trust regarding particular certs, so we can't have a policy for
auto-updating our trust model. If I get a spoofed cert from a CA,
and notice it, I ought to be able to downgrade the trust in that CA
- without necessarily removing ALL trust in that CA. Furthermore,
my system ought to pass along the news about the spoofed cert, along
with the signature that proves it came from that CA, so that other
systems can do the same.
"Gossip" is really the only way a robust trust model can work.
Systems have to at least be ABLE to notify and inform one another
when there's a breach of trust involving a CA, and different
people have to be able to set the threshold for trust at different
points.
Bear
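The trust model Bear sketches (a graded score per CA instead of an accept/reject bit, a downgrade rather than removal when a mis-issued cert is noticed, gossip of that event with the CA's own signature as proof, and per-system thresholds) can be written out as a small simulation. This is an added example and not code from the post or the thread; CA names, keys and subjects are constructed, and an HMAC over the subject stands in for a CA's public-key signature so the model runs with the standard library alone.

```python
import hmac
import hashlib
from dataclasses import dataclass, field

# Constructed CA signing keys for the model (hypothetical CAs, not real ones).
# HMAC stands in for a CA's signature over a certificate; a real verifier
# would check the CA's public-key signature instead of needing a shared key.
CA_KEYS = {"ca-alpha": b"alpha-key", "ca-beta": b"beta-key"}


def ca_sign(ca: str, subject: str) -> str:
    """Model of a CA issuing a certificate naming `subject`."""
    return hmac.new(CA_KEYS[ca], subject.encode(), hashlib.sha256).hexdigest()


def ca_verify(ca: str, subject: str, signature: str) -> bool:
    """True only if `signature` really is `ca`'s signature over `subject`."""
    if ca not in CA_KEYS:
        return False
    return hmac.compare_digest(ca_sign(ca, subject), signature)


@dataclass(frozen=True)
class SpoofReport:
    """Gossip message: 'CA `ca` issued a cert for `subject` it should not have'.
    `signature` is the proof that the CA really did issue it."""
    ca: str
    subject: str
    signature: str
    reporter: str


@dataclass
class TrustNode:
    name: str
    threshold: int                      # this node's own acceptance bar (0..100)
    trust: dict                         # CA name -> graded trust score (0..100)
    penalty: int = 30                   # cost to a CA of one proven mis-issuance
    peers: list = field(default_factory=list)
    seen: set = field(default_factory=set)

    def accepts(self, ca: str, subject: str, signature: str) -> bool:
        # Graded decision: the cert must verify AND the CA must still clear
        # this node's threshold, which other nodes may set differently.
        return ca_verify(ca, subject, signature) and self.trust.get(ca, 0) >= self.threshold

    def receive(self, report: SpoofReport) -> bool:
        """Apply a gossiped report; returns True if it changed this node's trust."""
        key = (report.ca, report.subject, report.signature)
        if key in self.seen:            # each proof counts once, however often it arrives
            return False
        self.seen.add(key)
        if not ca_verify(report.ca, report.subject, report.signature):
            return False                # unproven gossip is ignored and not passed on
        # Downgrade, don't remove: the CA loses some trust, not all of it.
        self.trust[report.ca] = max(0, self.trust.get(report.ca, 0) - self.penalty)
        for peer in self.peers:         # pass the news, with its proof, to peers
            peer.receive(report)
        return True


def run_demo() -> dict:
    """Two nodes with the same CA scores but different thresholds, one spoof event."""
    alice = TrustNode("alice", threshold=50, trust={"ca-alpha": 90, "ca-beta": 90})
    bob = TrustNode("bob", threshold=80, trust={"ca-alpha": 90, "ca-beta": 90})
    alice.peers.append(bob)
    bob.peers.append(alice)

    sig = ca_sign("ca-alpha", "foo.bar")            # a cert ca-alpha really issued
    before = (alice.accepts("ca-alpha", "foo.bar", sig),
              bob.accepts("ca-alpha", "foo.bar", sig))

    # Alice notices the foo.bar cert was mis-issued and gossips it with the proof.
    report = SpoofReport("ca-alpha", "foo.bar", sig, reporter="alice")
    alice.receive(report)
    duplicate_applied = alice.receive(report)       # same proof again: no second penalty
    # A report with no valid proof behind it changes nothing and is not propagated.
    bogus = SpoofReport("ca-beta", "foo.bar", "00" * 32, reporter="mallory")
    bogus_applied = alice.receive(bogus)

    after = (alice.accepts("ca-alpha", "foo.bar", sig),
             bob.accepts("ca-alpha", "foo.bar", sig))
    return {
        "before": before,
        "after": after,
        "alpha_scores": (alice.trust["ca-alpha"], bob.trust["ca-alpha"]),
        "beta_scores": (alice.trust["ca-beta"], bob.trust["ca-beta"]),
        "duplicate_applied": duplicate_applied,
        "bogus_applied": bogus_applied,
    }


if __name__ == "__main__":
    print(run_demo())
```

After the single proven mis-issuance both nodes hold ca-alpha at 60: Alice, with her lower bar, still accepts its certificates, while Bob no longer does, which is the per-system threshold the post asks for. The proof travelling with the report is what keeps the gossip from becoming a denial-of-service on CAs: a report nobody can verify is dropped rather than forwarded.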