Ben Laurie <b...@links.org> writes: >I find your response strange. You ask how we might fix the problems, then you >respond that since the world doesn't work that way right now, the fixes won't >work. Is this just an exercise in one-upmanship? You know more ways the world >is broken than I do?
It's not just that the world doesn't work that way now, it's quite likely that it'll never work that way (for the case of PKI/revocations mentioned in the message, not the original SNI). We've been waiting for between 20 and 30 years (depending on what you define as the start date) for PKI to start working, and your reponse seems to indicate that we should wait even harder. If I look at the mechanisms we've got now, I can identify that commercial PKI isn't helping, and revocations aren't helping, and work around that. I'm after effective practical solutions, not just "a solution exists, QED" solutions. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com