Re: as trustworthy as the hierarchical CA system currently in place...

Excerpts from Henry Story's message of 2012-03-05 13:25:27 +0000:
> Security is like knowledge: it is a modal notion which like knowledge comes in degrees. There is 
> no such thing as absolute security, and no such thing as absolute certainty. This does not mean
> that there is no such thing as knowledge. Read Robert Nozick's section on knowledge in his Philosophical
> Explanations, for a good modal analysis [1]
hmmm... i will just tag it with 'read' for now ;)

> 
> So we are pragmatic and working with the current CA system which has its limitations, but allows us to get
> off the ground. The TLS system can be improved in a number of ways, as work by IETF Dane group is  [2] 
> is showing or other projects we mentioned on this list (pointers?) where people are setting up services
> to verify self signed certificates. One can then go even further and develop naming systems that don't rely on
> DNS, but they fall into Zooko's triangle, and are no longer readable. So we are here interested in getting
> the basic piece working. Improvemetns can then come in many different ways. 
thx for this explnation and pointers to efforts dealing with this issue!
also big thanks to everyone else who have shared comments on this topic =)

~ elf pavlik ~

Received on Monday, 5 March 2012 17:47:38 UTC