On 2010-07-29 12:18 AM, Peter Gutmann wrote:
This does away with the need for a CA,
because the link itself authenticates the cert that's used.
Then there are other variations, cryptographically generated addresses, ...
all sorts of things have been proposed.
The killer, again, is the refusal of any browser vendor to adopt any of it.
Bittorrent links have this property. A typical bittorent link looks
like
magnet:?xt=urn:btih:2ac7956f6d81bf4bf48b642058d31912479d8d8e&dn=South+Park+S14E06+201+HDTV+XviD-FQM+%5Beztv%5D&tr=http%3A%2F%2Fdenis.stalker.h3q.com%3A6969%2Fannounce
It is the equivalent of an immutable file in Tahoe.
In the case of FF someone actually wrote the code for them, and it was
rejected. Without support from browser vendors, it doesn't matter what cool
ideas people come up with, it's never going to get any better.
The browser vendors are married to the CAs
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com