Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

[Gregory Edigarov <greg () bestnet kharkov ua>]

On Mon, 12 Sep 2011 07:53:57 -0700
Michael Thomas <mike () mtcc com> wrote:

> Randy Bush wrote:
> > > But Gregory is right, you cannot really trust anybody completely.
> > > Even the larger and more respectable commercial organisations will
> > > be unable to resist <insert intel organisation here> when they ask
> > > for dodgy certs so they can intercept something..
> > >
> > > No, as soon as you have somebody who is not yourself in control
> > > without any third party verifiably independent oversight then you
> > > have to carefully define what you mean by trust.
> >
> > i am having trouble with all this.  i am supposed to only trust
> > myself to identify citibank's web site?  and what to i smoke to get
> > that knowledge?  let's get real here.
> >
> > with dane, i trust whoever runs dns for citibank to identify the
> > cert for citibank.  this seems much more reasonable than other
> > approaches, though i admit to not having dived deeply into them all.
>
> It seems to me that this depends a lot on how much you can tolerate
> single points of failure. The current de-trusting is certainly going
> to cause trouble for whoever used that CA, but the internet didn't
> roll over and die either. If the root DNS keys were compromised in an
> all DNS rooted world... unhappiness would ensue in great volume.
>
> Mike, poison and choices...
let me state clearly what am I writing about:
ok, suppose, there is a site on the internet, that has a certificate
issued by one of the major CAs. how could one know, that certificate
wasn't issued to forged identity?