Gervase Markham wrote:
Ian G wrote:
> I'd challenge the 1st part of that. Why does
a CA need to be "equally secure and verifiable?"
Because, like it or not, we have a binary security model.
Right. Like it or not, we have that.
And, even if we didn't, most users aren't in a position to correctly
judge relative levels of risk.
That is an assumption that goes back to the
beginning of PKI time. I wonder where it
comes from?
There may be support for this statement,
but I've never been able to find its scientific
basis, in cryptography, user design, nor in
economics. In particular, the last 10 years
of experience only bear it out to the extent
that users were denied the chance to make
a choice. So it may well be that the reason
they are not in a position to correctly judge
relative levels of risk is because they are
not permitted to do so.
In contrast, in most fields of endeavour,
users can correctly judge relative levels of
risk. Especially, they tend to be quite good
at knowing when to go to a specialist and
when not.
It may be nice and comforting to say that the
users can't judge for themselves, but:
a) very few people support the notion that
they should be denied the choice to judge, and
b) relatively few support the notion that there
is somewhere an elected elite that can make
the judgement better.
That is, the history of those elite who said that
the people should be denied that choice, and
they the elite know better, is not a happy one.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
