> My grudge against HTTPS, for example, is that just looking through an > average certificate store is an enourmous set of public keys - and it > would seem to be impossible to keep up with who actually owns the > private counterparts of these. And it only takes one to be > compromised to throw everyone's HTTPS verifications off.
Quite so. I would be astonished if none had leaked. But then, the whole security model was compromised the first time a TLD-wildcard cert was issued (such as is used for "captive portal" interposers by airlines for their in-flight wifi and the like) - or, if you prefer, when support for them was implemented. > But maybe one day HTTPS will be more robust, safe. Well...maybe something derived from it will be - though I have my doubts - but, if so, I think it won't be much like HTTPS any longer. > Personally I think physically going to a business and being given a > copy of their key would be good... a mix of old and new. Yes. Throw out the whole CA-chain model; it's fundamentally broken, by wildcards, by lack of transparency of the root-CA list, and by being run by businesses and therefore having (from users' point of view) perverse incentives. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mo...@rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Lynx-dev mailing list Lynx-dev@nongnu.org https://lists.nongnu.org/mailman/listinfo/lynx-dev