On Mon, Aug 18, 2014 at 10:32 AM, Nadim Kobeissi <[email protected]> wrote:
> Considering the disaster that CAs have been and how desperately we've been
> attempting to escape them (Trevor's work on Tack being one of the best
> examples), why would you want to replace Web of Trust, which is effectively
> decentralized, for a model that centralizes authority in a way that makes it
> ripe for compromise by a few actors?

Web of trust is considered problematic for a number of different reasons including being heavily implicated in Johnny's failure to encrypt. It's well recognized that web of trust needs to be replaced by something more scalable and usable and I do agree that a single central authority would be inappropriate for certification of email keys which is why in Nyms the trust is distributed among several independent authorities.

>
> One thing that Nyms does better than the CA system seems to be asking for
> m-of-n certifications. But I'm having trouble seeing how Nyms would establish
> its certificate authorities without a top-down hierarchical process. Who
> decides who gets to be an authority? Who decides which authorities are
> telling the truth? Can I just game the system by having the most authorities
> on my side? Why is this secure?

This is a reasonable question to ask. I imagine that the trusted authorities will be operated by organizations with a reputation for defending privacy such as the EFF or Freedom of the Press Foundation. However it doesn't really matter who is running the authorities or if you can trust all of them, they only need to be independent. Even if authorities collude to publish malicious keys, this dishonesty will be detected by users (and by their communication partners) because keys are periodically and automatically re-requested from the keyserver network. If keys change unexpectedly alarms will go off and the incident can be investigated and bad authorities expelled from the network.

Even though I haven't mentioned it in the design, I'm not opposed to considering a certificate transparency style approach as well if it can be applied in a way which does not deliver a list of email addresses to spammers.

--brl
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
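
The detection argument in the reply above (m-of-n certification plus periodic re-requests that flag an unexpected key change), sketched as an added example; it is not part of the original message and is not Nyms code. The authority names, the HMAC tags standing in for real signatures, and the pin store are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed authority names and keys. HMAC stands in for a real
# public-key signature so the example runs with the standard library only.
AUTHORITY_KEYS = {"auth-a": b"key-a", "auth-b": b"key-b", "auth-c": b"key-c"}


def endorse(authority, email, fingerprint):
    """Tag a (hypothetical) authority would publish for (email, fingerprint)."""
    msg = f"{email}|{fingerprint}".encode()
    return hmac.new(AUTHORITY_KEYS[authority], msg, hashlib.sha256).hexdigest()


def valid_endorsers(email, fingerprint, certs):
    """Return the set of known authorities whose tag verifies."""
    good = set()
    for authority, tag in certs.items():
        if authority not in AUTHORITY_KEYS:
            continue  # unknown authorities never count toward the quorum
        expected = endorse(authority, email, fingerprint)
        if hmac.compare_digest(expected, tag):
            good.add(authority)
    return good


def check_lookup(pins, email, fingerprint, certs, m=2):
    """Evaluate one periodic keyserver lookup against the local pin store."""
    endorsers = valid_endorsers(email, fingerprint, certs)
    if len(endorsers) < m:
        return "untrusted", endorsers
    pinned = pins.get(email)
    if pinned is None:
        pins[email] = fingerprint  # first sighting: remember it
        return "pinned", endorsers
    if pinned != fingerprint:
        # Quorum met, but the key differs from the one seen before:
        # keep the old pin and report who certified the new key.
        return "alarm", endorsers
    return "ok", endorsers
```

The "alarm" result carries the set of authorities that certified the changed key, which is the information an investigation would start from.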
