On Thu, Jan 3, 2013 at 5:26 PM, Ruben Bloemgarten <ru...@abubble.nl> wrote:
> "you don´t know who I am, but only we know what we´re telling each other." So essentially you and Nadim are arguing that, since CAs fail some of the time, we should get rid of the whole system and end up in the same position -- where there is no trust in validating that the person talking to you is actually who they say they are? Does anyone believe that users will actually understand the difference? On Thu, Jan 3, 2013 at 5:26 PM, Ruben Bloemgarten <ru...@abubble.nl> wrote: > Nadim, > > I think its about time to have CA´s be peer accredited institutes > (EFF/tor/access now/my brother´s sister´s cousin/ whoever) issuing free > or at least at cost certs. That being said, I don´t think certs are very > good at preventing mitm anyway, that might be the case if a majority of > users would have the wherewithal for a more realistic reaction than "ooh > red/green is bad/good", and even then. Love ssl, don´t really care about > certs. So yes, lets dump "trust me, I´ve been certified" in favor of > "you don´t know who I am, but only we know what we´re telling each other." > > - Ruben > > On 01/04/2013 02:09 AM, Nadim Kobeissi wrote: > > Another CA has been found issuing SSL certificates for Google services. > > Mozilla has acted on the > > issue: > https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/ > > > > The weird thing is that it's starting to appear less and less crazy to > > just get rid of the CA system and replace it with… nothing. What do you > > guys think? > > > > NK > > > > > > -- > > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C.
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
