-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi
On Saturday 2 November 2013 at 6:48:39 PM, in <mid:87fvreprlk....@mat.ucm.es>, Uwe Brauer wrote: > Your point being? > I presume it goes like this: NSA is "a government > based organisation" doing, among other things, > violations of civil rights. > So any other government based organisation cannot be > trust, end of argument. Exactly. > Well I just talked about a service, which provides > certificates to its citizen. That means it signs a > public/private key pair, which is generated by the, > hopefully open source, crypto module of your browser. > So either you claim to have evidence that this modules > have been hacked and the key pair is transferred to > some of these evil organisations or I really don't see > your point. Simply stated, it is established that government based organisations sometimes act in a nefarious manner, contrary to the law and contrary to the interests of the population. I view that as a reason not to trust government based organisations. And if I don't trust government based organisations, I cannot trust a certification issued by one. Of course, private companies or individuals who issue certifications are susceptible to coercion. Whether issued by government or by private sector, a single certification on a public key represents a single point of failure. It does not provide any great level of assurance the corresponding private key is controlled by the identity it claims. Such assurance could potentially be derived from numerous certifications that are independent from each other, but how do you tell which are truly independent? Where actual identity is not required, just continuity of communication, I see no value in obtaining any certification at all. - -- Best regards MFPA mailto:expires2...@ymail.com Can you imagine a world with no hypothetical situations? -----BEGIN PGP SIGNATURE----- iPQEAQEKAF4FAlJ3qQVXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0 N0VDQTAzAAoJEKipC46tDG5pFGMD/3YXsKuEtEf9+H4qiQckLlEkv+ulrQnuepRn PlDE6rsbzdIaa3aU9eRCwa9mydwwIByadgI1YhrdXlnxRk2Aa6mfuoFPkg5MEa8c 3ysvmrVY5DHPkSELkEeUZe6Nk1lcJz1JUUd2vT6cNpks68kYG1Zb/VaLoKbC4sW2 ypuROxWl =1Moi -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users