Phillip Hallam-Baker wrote: > The four most widely used browsers are all produced by US companies. Open source helps a lot. Anyway, that does not answer my question of: >> Why do you insist on counting the number of Angels when just one >> fallen one is a lot more than enough? > If you posit an attack against the US CAs you must also accept that the NSA > could make the same threats against the browser providers which would have > the same effect with far less risk of being caught and far fewer > consequences to being caught. It does not deny my point that PKI is no better than DH. > If the NSA was to coerce a CA into issuing a false certificate I would > imagine their lawyers would point out to the court that doing so would > threaten the stability of the entire Internet economy and that if > discovered the CA would lose its business. Could you explain why google, apple, microsoft etc. did not behave so? > The NSA would then be facing the downside of a multi-billion dollar lawsuit > in public court. The very last thing they want to risk is their > unconstitutional search orders being litigated by a plaintiff with standing. "would then be facing"??? If it's not "is now facing", then, it means "will never face". Masataka Ohta