Todd Zullinger wrote:
when you really get down to it, do you trust the "issuing authorities"
to truly be authoritative and trustworthy in the task of identifying
individuals? Honestly, I don't. (I think most governments are in
over their heads when it comes to mail delivery, so most of the more
important tasks are way beyond their abilities to do properly. :)
It's time to contemplate the meaning of life, trust and all that.
I imagine that people hear trust me to a greater extent than some others
when I give advice about matters Linux. Certainly, that was once the
case regarding OS/2, when I asserted "Warp 4 Unleashed" was cancelled. I
felt I needed an asbestos suit to protect me from flames from many,
including the expectant lead author, but others came to my defence to
such an extent I barely needed to defend myself.
Similarly, people tend to trust a chap called "Alan Cox."
However, if either of us started spouting about a wonderful new business
opportunity, even one involving Linux and computers, you would be really
unwise to listen.
If I want a digital identity that people around the world accept, then I
must choose and trust an issuing authority to provide the service. I
might trust Bob's advice about computers, but certainly he's not able to
provide a certificate with useful efficacy.
I might trust a CA to issue digital certificates and to take reasonable
means to verify the identities of those they issue to, but I'm not going
to rely on them for investment advice, or to manage my superannuation fund.
I trust where I must, to the extent I must. I trust Red Hat, Debian and
others to provide good quality Linux distributions, but I trust[1] some
of the affiliates less.
[1] I did use an addon repo for CentOS (I don't recall which, now) but I
found my postgresql got updated to 8.1 or so. Wasn't amused.
--
Cheers
John
-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxx Z1aaaaaaa@xxxxxxxxxxxxxxxx
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)