Peter Saint-Andre wrote:
On 12/15/09 12:47 PM, Dirk Meyer wrote:
Jonathan Schleifer wrote:
Peter Saint-Andre <[email protected]> wrote:
Who said that including CAs is evil?
My argument is that policies differ. Just because a lot of people use
a particular CA doesn't make it good.
Deciding on policies is something the user should do, not the client. I
for example trust something open and transparent like CACert much more
than some company like VeriSign etc.
And my sister has no idea what you are talking about, what these CA
things are, why there is a warning, and how she can check these strange
numbers called fingerprint. IMHO clients should include a basic sets of
CAs.
The model in Mozilla, OS X, and other platforms seems satisfactory: they
include a common set of CAs but, if you really know what you are doing,
you can explicitly signify that you trust CAs outside that set. The
latter option is appropriate for geeks, but not for people like your
sister. FWIW, I don't think that we need to standardize on CAs within
XMPP clients and servers; instead it makes more sense to re-use the
certificate bundles provided at the level of the operating system.
I tend to agree. If you load the Trust Anchors (TAs) in to the
application, then when I want to configure the TAs that my relying
parties use in my enterprise I need to have another mechanism to rip out
the ones I don't like.
spt
