Because an HTTP connection is neither encrypted, nor possible to authenticate. If Firefox will let us have encryption and key exchange without any annoying dialog, we can layer on our own accreditation mechanism, such as petnames. For many use cases, this solution is not only sufficient, but optimal.
Petnames is not an authentication mechanism. It merely tells you that the person you talked to last week is the person you are talking to now (and it doesn't even tell you that, if the cert is self-signed and your DNS has been poisoned).
Sometimes this is sufficient - but not always, by any stretch of the imagination.
The fact that he doesn't want to suggests that something more is required.
Actually, Hugo responded to my last email, indicating that I do understand his main goal: to enable the Chilean people to browse Chilean SSL sites without requiring a vulnerability to a non-Chilean entity.
Is he suggesting that Chileans are planning to remove the root certs of all other providers from their browsers?
That's not to say that it's not a good idea, but I don't think it will help Hugo.
Well, let's find out. It is technically *very* easy to incorporate the petname tool into the next security release of Firefox. Let's see if making this set of changes relieves some of the pressure on Frank to add more CA certificates.
Er... no.
I am aware that you want to define an accreditation function for the
CA list, but I think we can agree that the accreditation value of the
*current* CA list is at best ill-defined, if not non-existent.
They are accredited by history, which is fairly powerful. Point me at all the people ripped off because they have issued dodgy certs.
Gerv _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
