Nick Kew wrote:

Why would anyone have to do that?  I'll trust a server as much as I trust
the PGP key of the person who signed it.  That's the same as trusting
an httpd download because it's signed by someone whose key I trust.


The question then is who is going to sign? You seem to be suggesting that a server accept signatures from anyone and everyone, and you would only trust the server if someone that you know and trust had already decided to trust the server and sign their certificate. That still leaves you in a position of either deciding to implicitly trust the site and sign its certificate, which then causes all of your friends to trust it, or trusting the opinion of your friend who already decided (based on what exactly?) to trust the site and sign their cert. That doesn't provide much in the way of security, and is impossible to maintain -- a site can't accept a million signatures on their certificate from everyone who feels like signing it.
It's usually signed by verispam, who make a habit of engaging in some
very nasty business practices, from spamming to holding the 'net to
ransom.  They also bought the main competitor (thawte), leaving us
short of competition amongst those widely recognised by browsers.

With PGP it's my own trust, not theirs.


You are quite free to set up your own root CA and encourage others to trust you. You are also free to decide to NOT trust certificates signed by verispam. Personally, I feel this role belongs in the government. That's where you get your birth certificate, driver's license, social security card, and other forms of 'official' ID. They may as well get rid of all the paper ID and just start issuing digital certificates.
I seldom use pgp for email (and I hate it when people sign messages
posted to a list like this). But I always use it to verify software I
download from the 'net. And, unlike https, it tells me every time
whether or not *I* trust the digital signature.



How do you decide that such a signature is trustworthy and valid? You either have to know about their public key a priori, or know (and trust) another one that signed theirs; otherwise, you're just guessing that you can trust it.
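As an added illustration of the rule in this reply (know the key a priori, or know and trust someone who signed it), here is a toy web-of-trust validity check written for this page; it is not code from the thread or from GnuPG. The keys, signatures and trust assignments are constructed, and the "1 full or 3 marginal signers, at most 5 hops" thresholds mirror GnuPG's classic defaults.

```python
# Toy model of PGP web-of-trust key validity (added example, constructed data).
# A signature only counts if the signer's key is itself valid AND I have
# assigned that signer owner trust; a pile of signatures from strangers is worth nothing.
FULL, MARGINAL = "full", "marginal"

def valid_keys(my_key, owner_trust, signatures, need_marginals=3, max_depth=5):
    """Return the set of keys I consider valid, starting from my own key.

    owner_trust: key -> "full" | "marginal" (how far I trust that key's owner
                 to vouch for others); keys absent from it are untrusted.
    signatures:  signed_key -> set of keys that certified it.
    A key becomes valid when it is signed by one fully-trusted valid key or by
    `need_marginals` marginally-trusted valid keys, within `max_depth` hops of me.
    """
    valid = {my_key: 0}          # key -> certification depth from my own key
    changed = True
    while changed:               # iterate until no new key becomes valid
        changed = False
        for key, signers in signatures.items():
            if key in valid:
                continue
            trusted = [s for s in signers if s in valid and s in owner_trust]
            if not trusted:
                continue         # signed only by unknown or untrusted keys
            depth = min(valid[s] for s in trusted) + 1
            if depth > max_depth:
                continue
            has_full = any(owner_trust[s] == FULL for s in trusted)
            marginals = sum(owner_trust[s] == MARGINAL for s in trusted)
            if has_full or marginals >= need_marginals:
                valid[key] = depth
                changed = True
    return set(valid)

# Constructed keyring: who I trust to certify, and who signed whom.
OWNER_TRUST = {"me": FULL, "alice": FULL,
               "bob": MARGINAL, "carol": MARGINAL, "dave": MARGINAL}
SIGNATURES = {
    "alice": {"me"}, "bob": {"me"}, "carol": {"me"}, "dave": {"me"},
    "httpd-release": {"bob", "carol", "dave"},   # three marginals suffice
    "mirror": {"alice"},                         # one fully trusted signer
    "unknown-site": {"r1", "r2", "r3", "r4"},    # many signers, none trusted
    "two-marginals": {"bob", "carol"},           # not enough marginals
}

if __name__ == "__main__":
    print(sorted(valid_keys("me", OWNER_TRUST, SIGNATURES)))
```

Swap in a key you have never met and it never becomes valid, no matter how many signatures it collects, which is the "guessing" case the reply describes.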
