Kyle, It's ironic that you're email includes a root certificate for "Startcom Class 2" that is not the same as the one currently in my browser.
>There might be a useful compromise: the built-in/vendor-supplied roots >show a blue or a green address bar, and non-vendor-supplied roots show a >yellow address bar. Bandages on a gushing artery. More irrelevant information for users to ignore. >I think the existing mandate that everything be authenticated and >tunneled end-to-end only hurts the IETF. We need to develop systems >within models that actually work. I am here as the voice of the user >and of the network administrator, the one who needs to be able to trust >his hardware and software to do precisely what he expects them to, the >one who needs to actually use the services we specify. No. It helps. Allowing undetectable MiTM is an enormous compromise. If corporations or Governments want to monitor traffic - they simply need to be the "end" from the user and security perspective. Paul
Verify This Message with Penango.p7s
Description: Verify This Message with Penango.p7s
_______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
