On May 5, 2009, at 1:17 PM, Paul Hoffman wrote:
...This leads to the question: if a CA in a trust anchor pile does
something wrong (terribly wrong, in this case) and fixes it, should
they be punished? If you say "yes", you should be ready to answer
"who will benefit from the punishment" and "in what way should the
CA be punished"....
The same question can be asked about *any* instance of criminal
behavior, or of any other kind of behavior that is considered "bad
enough" to be worthy of punishment. To go to the extreme: The victim
is already dead, jailing the murderer won't bring him back - all you
are doing is costing society directly (we have to pay the costs of
keeping him in jail - quite expensive, actually) and indirectly (we
won't have the fruits of his labor - like, say, new file systems). We
punish acts to send a message that certain things are unacceptable, to
deter the actor and others, out of a sense of justice, and for other
related reasons. The beneficiaries are *everyone else*.
The strength of Tit For Tat as a strategy shows that motives like this
tap into very basic properties of multi-party games.
As for what your punishment as a "bad CA" should be: Realistically,
in any industry based on trust, the major component of punishment
should be loss of trust - which results in people refusing to do
business with you any more, which will usually put you out of
business. In egregious cases, we send people to jail (where they can
spend time with Bernie Madoff). We also have mechanisms that aren't
punishments but deal with the equities of the situation: They try to
right the wrongs. So if I can show that your malfeasance as a CA led
to my losing money, you have to compensate me. There's a whole grey
area in between that centers on the principle that you should not be
allowed to profit from you ill-gotten gains - whether or not we can
figure out how to return those gains to those who rightly should have
them.
Theirry Moreau has already pointed out that political/economic reality
here makes any meaningful punishment impossible. That's way the CA
industry can't ever really be a trust industry - you can't rely on a
party who disclaims all responsibility, no matter what.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
