Thomas Hardjono wrote: > I'm not sure if the Chrome folks would be prepared to > ship their browser without any CA certs loaded,
Excessive distrust is inconvenient, excessive trust is vulnerable. It is better to remedy flaws by expanding functionality rather than restricting it. On the one hand, something like Verisign is very useful to signify that an entity that calls itself a bank is in fact regarded as a bank by governments and other major banks, on the other hand, it is pretty useless for designating membership of a group to other members of the group, which is the major function of client side certificates. The number of globally important entities is necessarily small, therefore a global namespace of globally unique human memorable names, (such as "Bank Of America") works well for them. The number of entities that have or need keys is quite large, therefore Zooko's triangle applies - globally unique human memorable names work very badly for the vast majority of keyholders, therefore a business whose job is enforcing global uniqueness of human memorable names (such as Verisign) is going to be a pain to deal with, for it is trying to do something that really cannot be done, therefore in practice will merely make it sufficiently difficult for clients that scammers do not bother. Even for banks, globally unique names are problematic. A remarkably large number of banks are called something National Bank, or First National Bank of something. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com