On Saturday 21 May 2005 17:33, Ram A Moskovitz wrote: > The fallacy in your argument (there is no contradiction between statements) > is that it requires there to be no value to VeriSign's reputation today > which is a false statement.
Well, I would have put it more softly than that. First, it is not a statement that there is no value in VeriSign's brand. There are three important limitations: the brand of import is the retail certs brand, and not the rest of the market where Verisign plies a trade. Certificates are only a small part of Verisign's operations, one part of one division. So Verisign may have a good brand elsewhere, but what is important is the brand that the buyers of certs see.

Secondly, it is not that the argument only works if there is no value. The relative equation is whether there is *sufficient* brand recognition to have the effect. This is a complicated thing to measure, so I put that forward as a conjecture (although see earlier posts for some cites).

Thirdly, bear in mind this is not an attack on Verisign. If one were to substitute Verisign for Comodo, then there would be no argument that their brand is relatively small and unheard of out in the retail cert buying market place. Even a relatively large player like Godaddy might not have the associated brand, as people might not realise they sell certs. If anything, it is an argument that Verisign also should be included in the list as not having a valuable brand as a brake on behaviour.

So in a marketplace where arguably only one CA might have a plausibly strong enough brand to affect their behaviour, that still leaves us with the conclusion that there isn't much stopping the original Duane-posted threat: whether a CA would decide to fight the feds in issuing an unauthorised substitute cert. Drawing from Frank's policy, we now know that MoFo does not consider such possibilities directly in the choice of the root list, just like it doesn't rule out control-of-domain certs, and all the problems that arise from that issue.

Which leaves a software based response. The only way to protect the user against a substitute cert attack is in the browser. Which was what Duane was asking for.
iang

> On 5/21/05, Ian G <[EMAIL PROTECTED]> wrote:
> > On Saturday 21 May 2005 02:22, Ram A Moskovitz wrote:
> > > You have repeatedly argued that the value of brand and reputation
> > > plays into a CA's behavior. Here you are saying that a CA would toss
> > > its reputation to keep one of it's small (revenue size) customers
> > > happy.
> >
> > Correct on both counts. Now, you are implying that
> > there is a contradiction in these two statements.

-- 
Advances in Financial Cryptography:
https://www.financialcryptography.com/mt/archives/000458.html

_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
