Paul Hoffman <paul.hoff...@vpnc.org> writes:

>Peter, you really need more detents on the knob for your hyperbole setting.
>"nothing happened" is flat-out wrong: the CA fixed the problem and researched
>all related problems that it could find. Perhaps you meant "the CA was not
>punished": that would be correct in this case.
What I meant was that there were no repercussions due to the CA acting negligently. This is "nothing happened" as far as motivating CAs to exercise diligence is concerned: you can be as negligent as you like, but as long as you look suitably embarrassed afterwards there are no repercussions (that is, there's no evidence that there was any exodus of customers from the CA, or from any other CA that's done similar things in the past).

Imagine if a surgeon used rusty scalpels and randomly killed patients, or a bank handed out money to anyone walking in the door and claiming to have an account there, or a restaurant served spoiled food, or ... . The repercussions in all of these cases would be quite severe. However, when several CAs exhibited the same level of carelessness, they looked a bit embarrassed and then went back to business as usual. The CA-as-a-certificate-vending-machine problem (or "rogue CA" if you want to call it that) had been known for years (Verisign's "Microsoft" certificates of 2001 were the first case that got widespread publicity), but since there are no repercussions for CAs doing this there's no incentive for anything to change.

>This leads to the question: if a CA in a trust anchor pile does something
>wrong (terribly wrong, in this case) and fixes it, should they be punished?

If a CA in a trust anchor pile does something terribly wrong and there are no repercussions, why would any CA care about doing things right? All that does is drive up costs. The perverse incentive that this creates is for CAs to ship as many certificates as possible while applying as little effort as possible. And thus we have the current state of commercial PKI.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com