Re: Web of Trust (a revolution)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Mar 30, 2009 at 13:46:02 -0400,
  Todd Denniston <Todd.Denniston@xxxxxxxxxxxxxxxxxx> wrote:
>
> i.e., sure all the root CA's that the browser producers want to include 
> can come in, but they should have trust DBs that allow each user to tick:
> * Never trust this key. (and by extension anything it has signed. Perhaps 
> with a pop up indicating 'the sig is ok, according to bla, but bla is a 
> known idiot.')
> * Marginal trust. (pop up something saying 'the sig is ok, according to 
> bla, but you are uncomfortable with bla.')
> * Fully trust. (operate as CA's in web browsers since they started getting CA's.)
>
> And by default (as released by the browser producers) the keys should be 
> set to either Never or Marginal.

I'd rather see more of a web of trust type model. Right now you can only have
one chain of certificates. So you can't have a cert signed by multiple
roots.

There is nothing keeping track of the cert you previously saw for a site
(unless you remove all of the CA certs) so that you get warned when it
changes. (At least if the new cert isn't signed by the old one.)

CAs that charge extra in order to sign certs that have flag set to
indicate that they can sign other certs in subdomains should be boycotted.

Sites with self signed certs that prevent passive snooping get treated as the same
as going to a site without ssl and not triggering all sorts of inappropriate
warnings that look scary and make people jump through hoops to bypass them.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux