On Mon, Feb 22, 2010 at 3:06 PM, Cheng Renquan <[email protected]> wrote:
> On Thu, Feb 18, 2010 at 10:06 AM, Soh Kam Yung <[email protected]> > wrote: > > >From [ > http://www.freedom-to-tinker.com/blog/felten/mozilla-debates-whether-trust-chinese-ca > ]. > > Read also [http://lwn.net/Articles/372386/]. > > > > ===== > > Mozilla Debates Whether to Trust Chinese CA > > > By Ed Felten - Posted on February 16th, 2010 at 2:45 pm > > > > Sometimes geeky technical details matter only to engineers. But > > sometimes a seemingly arcane technical decision exposes deep social or > > political divisions. A classic example is being debated within the > > Mozilla project now, as designers decide whether the Mozilla Firefox > > browser should trust a Chinese certification authority by default. > > [...] > > If the CA is competent and honest, then you can rely on the cert, and > > your connection will be secure. But a dishonest CA can trick you into > > talking to an impostor site, so you need to be cautious about which > > CAs you trust. Your browser comes preinstalled with a list of CAs whom > > it will trust. In principle you can change this list, but almost > > nobody does. So browser vendors effectively decide which CAs their > > users will trust. > > [...] > > CNNIC's defenders respond that any CA could do such a thing [provide a > > yes, CNNIC definitely cannot be trusted, > Can you show me the evidence? > > > valid cert for an imposter site]. If the problem is that CNNIC is too > > close to a government, what about the CAs already on the Firefox CA > > list that are governments? Isn't CNNIC being singled out because it is > > Chinese? Doesn't the country with the largest Internet population > > deserve at least one slot among the dozens of already trusted CAs? > > These are all good questions, even if they're not the whole story. > > > > Mozilla's decision touches deep questions of fairness, trust, and > > institutional integrity that I won't even pretend to address in this > > post. No single answer will be right for all users. > > [...] > > ===== > > > > -- > > Soh Kam Yung > > my Google Reader Shared links: > > (http://www.google.com/reader/shared/16851815156817689753) > > my Google Reader Shared SFAS links: > > ( > http://www.google.com/reader/shared/user/16851815156817689753/label/sfas) > > -- > Cheng Renquan (程任全), from Singapore > > _______________________________________________ > LUGS Mailing list - [email protected] > List FAQ: http://wiki.lugs.org.sg/LugsMailingListFaq > Info page: http://www.lugs.org.sg/mailman/listinfo/slugnet > To unsubscribe send an empty email to: [email protected] >
_______________________________________________ LUGS Mailing list - [email protected] List FAQ: http://wiki.lugs.org.sg/LugsMailingListFaq Info page: http://www.lugs.org.sg/mailman/listinfo/slugnet To unsubscribe send an empty email to: [email protected]
