On 16 Nov 2013, at 23:08, Theodore Ts'o <tytso@xxxxxxx> wrote:

> On Sat, Nov 16, 2013 at 03:11:34PM -0500, Phillip Hallam-Baker wrote:
>> But as is well known, many CAs own multiple embedded roots, typically three
>> or four brands per large CA and each brand often has several roots. The
>> conclusion that the EFF has been peddling is that there are 600 parties
>> that can introduce spurious certs, this is not what their evidence
>> demonstrates.
>>
>> My point was that like the 'Gore claimed to invent internet meme' this has
>> become a zombie lie that is repeated by people despite the fact that it has
>> been repeatedly shown to be false. People like to believe it because it
>> reinforces their prejudices but that does not make it true.
>>
>> We should not be making policy decisions on the basis of zombie lies.
>
> Whether the number is 100, or 600, or a thousand (and note that even
> if there are dozens or even hundreds of CA's being run by one
> "organization", those CA's may be run by different personnel, and have
> different policies, and have their certificate signing keys stored in
> different ways (i.e., some may be stored on some minimum wage worker's
> laptop; others may be stored in some Tempest Shielded fancy-shamancy
> BBN secure signing box requiring multiple crypto ignition keys
> before certificates can be issued) --- how you count the CA's or
> organizations I don't think is really all that important. Even if
> it's only 100 organizations, or even 50, do you really believe they
> can all be trusted, and are you willing to assert that they will all
> never have any process or technological failures?
>
> And if you believe that all dozen, or 50, or 100 certificate
> organizations can be considered trustworthy, care to explain some of
> the more spectacular failures (i.e., Comodo, Diginotar, etc.)?
>
> Quibbling over numbers doesn't change the fundamental premise,
> which is that the certificate signing architecture for the web is
> considered by some (including myself), to be pretty badly broken.
>
> Regards,

There is another point to take into account: switching to a CA-based web means killing the natural peering nature of the web.

I can easily publish a plain HTTP HTML page on my router without asking for permission from any CA out there, and the client Firefox shows it.

Forcing a new crypto-web based on the actual CA multilevel grants could kill the web as we know it now.

Luca