Jaqui Greenlees wrote:
Ian G wrote:
actually,
if the CA's were forced to deal with someone, in person, with photo id,
and papers, just like getting drivers license, sin card or bank account,
then there would be far less chance of mis issued certs.
Easy to defeat. The cost of defeating this is of order $100,
probably no more than $1000. One can buy books on how to do
this, it is such widespread knowledge.
What it does do is stop honest people from acquiring certs in
different names. I guess it all depends on how much that is
worth to you... If your "bad guy" is someone who wants a
false cert so they can run a freedom-of-speech campaign against
a big company, then that will stop them. If your "bad guy" is
a phisher, well, as he's already experienced in stealing money,
and a little document forgery isn't going to slow him down.
but that would take legislation, in every single country to be effective.
Right, another obstacle. If all countries had hard ID like
some of the Europeans had, *and* this was an international
standard like the US wants with passports, then this might
help.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security
