Ben Bucksch wrote:
When I say I want nobody to listen, I mean *nobody*.
Simply isn't possible with the PKI model...
I don't know of anything better for the general run of the mill joe public that would be any better...
What about the model I proposed? First cert for a person is either CA-based or self-signed, subsequent certs *must* be authorized and signed by the previous cert or will be treated as attack.
The only 2 problems I see are:
* Identify "person". People still change their email addresses, and
different people with the same name exist. Might be solvable with
help from user.
* People using certs, but being careless: Signing up to to one, then
deleting it, e.g. reinstalling their harddrive. What do I do as
recipient? Do I believe the story or not? Most people would, and
then they'd fall for the attack as well. But at least we turned a
technical attack, invisible to the user, into a social engineering
attack, which is much harder and can be prevented by
smart/knowledgable recipients._______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
