On Thursday 12 May 2005 20:26, Ram A Moskovitz wrote: > On 5/12/05, Ian G <[EMAIL PROTECTED]> wrote: > > You > > surely don't believe all those stories about > > m of n copies distributed in hardened bunkers... > > With all due respect I believe the thinks I can confirm even when you > know better. Would you say I am picky about being sure that things are > false.
I'm not sure I follow you, but I suspect you are outraged at my suggestions! Well, it's indicative rather than factual, intended to suggest that there is a spectrum here rather than an absolute. The thing is that governance in any security situation is relative to the risks, and is not ever an absolute. So the precautions taken should be aligned to the size of the business. For example, there is absolutely no point in requiring say CACert to protect their root cert with more care than say a tin lockbox and a beefy secret key. They have a few thousand certs out there and only one root listing. Few merchants care about them, their user base will be Internet communities, clubs, software development teams and "our sort of people". On the other hand, Verisign has a lot of merchants, and probably doesn't want to lose their root cert. So they can be expected to protect it. The major damage for Verisign would be loss of reputation if they lost their root cert. Also, there is a potential for wholescale fraud to break out in "ssl space" and then the cost limit is going to be the nearest alternative, which given root cert limitations is the control-of-domain stuff at the moment, but the cost of a forged cert could skyrocket if UI changes are put into browsers, so losses could increase to real monetary damages in the worst case. So Verisign have a lot to lose if they lose their root cert. CACert do not. In the ordinary scheme of things, it makes sense to let both of them look after their keys to their own measures. Which is what Thwarte did - back in the first 2 years, there was a very uncertain business environment, and the ones that made it to the big time had to keep costs contained tightly to get there. As Thwarte got bigger and bigger, then one can expect them to have taken more and more care. I'm sure now they take lots of care! iang -- http://iang.org/ _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
