On Tuesday 10 May 2005 18:09, Jean-Marc Desperrier wrote: > Gervase Markham wrote: > > As an example (and I don't know of anyone who is actually suggesting > > this), what if we made all CAs who issued non-zero accountability certs > > post a $1,000,000 bond against losses from phishing attacks performed > > using their certs? Would you consider that a lockout measure?
It's a good thought experiment. Note that it gets Mofo back into the judgement business. As Mofo has no experience of the bond posting business, it will be a tough call. In (one) theory the cert is only as good as the money it provides when something goes wrong. So this theory is quite sympathetic to the notion that the amount of cover available to the relying party (browser user) is posted on the chrome as a big $$$1000 number. There are a few wrinkles though. The contract might say that the money is only payable if shopping while dancing naked to a three quarters transylvanian moon **. Also, as matter of widely understood fact, no cert nor has any CA ever compensated anyone anywhere for any loss. So at a minimum, we cannot in any real sense suggest that in the future, a cert is worth any protection. Precedent is a worthwhile thing, all else is words... > Did you hear about insurance fraud ? I think if you do something like > that it will become a very big problem for those CA :-) Yes. Puzzle yourself this: those guys who turned in the Microsoft virus writer a few months back and tried to claim the $250,000 reward or whatever it was. Were they "in" on it? > I think commercial CA would hate such a thing even more than cacert, so > I don't see it at a lockout. It depends how strategic they are. Such a barrier to entry would actually be very bad for the entire business, and most CAs know that they need to grow it - the entire marketplace - to survive. Verisign might approve having taken their supposedly large lump, but if they had any proper strategic marketing people, it would take 5 minutes to convince them otherwise. iang PS: we could design a standard set of contracts, which could be hash protected, and then clearly marked for the user. The problem with this is again it puts someone in the super-CA judgement biz. -- http://iang.org/ _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
