On Mon, Feb 13, 2012 at 3:08 PM, Kyle Hamilton <[email protected]> wrote:
> We can continue to outlaw it, in which case it will continue to exist > outside of our sight. We can continue to do the things we've tried to do > before, to break what currently exists and to try to prevent technological > subversion in an arms race. That will only ensure that other standards > bodies will step up to fill the void of workable standards for > authentication, and ensure that companies will still do anything they can to > make a buck and find ways to subvert our in-loco-parentis "you can't do > that, it's for your own good" security model. It's time for us to get over > ourselves. For network operators wanting to MITM their own client devices, the solution is simple: install the MITM certificate as a trusted root certificate at the time the device is provisioned (and/or in later updates). Windows GPOs, for example. There is no need for such operators to get or use a *public* authority for this purpose. Everybody wins; what's the problem? _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
