On May 5, 2009, at 1:17 PM, Paul Hoffman wrote:
...This leads to the question: if a CA in a trust anchor pile does something wrong (terribly wrong, in this case) and fixes it, should they be punished? If you say "yes", you should be ready to answer "who will benefit from the punishment" and "in what way should the CA be punished"....
The same question can be asked about *any* instance of criminal behavior, or of any other kind of behavior that is considered "bad enough" to be worthy of punishment. To go to the extreme: The victim is already dead, jailing the murderer won't bring him back - all you are doing is costing society directly (we have to pay the costs of keeping him in jail - quite expensive, actually) and indirectly (we won't have the fruits of his labor - like, say, new file systems). We punish acts to send a message that certain things are unacceptable, to deter the actor and others, out of a sense of justice, and for other related reasons. The beneficiaries are *everyone else*.

The strength of Tit For Tat as a strategy shows that motives like this tap into very basic properties of multi-party games.

As for what your punishment as a "bad CA" should be: Realistically, in any industry based on trust, the major component of punishment should be loss of trust - which results in people refusing to do business with you any more, which will usually put you out of business. In egregious cases, we send people to jail (where they can spend time with Bernie Madoff). We also have mechanisms that aren't punishments but deal with the equities of the situation: They try to right the wrongs. So if I can show that your malfeasance as a CA led to my losing money, you have to compensate me. There's a whole grey area in between that centers on the principle that you should not be allowed to profit from your ill-gotten gains - whether or not we can figure out how to return those gains to those who rightly should have them.

Thierry Moreau has already pointed out that political/economic reality here makes any meaningful punishment impossible. That's why the CA industry can't ever really be a trust industry - you can't rely on a party who disclaims all responsibility, no matter what.
                                                        -- Jerry
