One can always start with the difficult first step of uninstalling certificate authorities you do not trust.
On Mon, Apr 28, 2014 at 4:42 PM, ianG <[email protected]> wrote: > On 29/04/2014 00:12 am, Ryan Carboni wrote: > > trust is outsourced all the time in the non-cryptographic world > > trust is built up all the time, risks are taken all the time, choice is > taken all the time. > > > unless you do not have a bank account > > That's not outsourced, that's direct, person to bank, the person has a > choice, chooses to place her trust in that bank. Also, it is limited to > defined things that are required, can't be done by the person, and > bolstered by real backing such as FIDC. > > When you suggest "it's probably best we trust authorities" that is > CA-playbook crapola meaning "you must trust the authorities that have > been picked for you." The vector has been reversed, people are told > what has to happen, so there is no trust. > > Trust derives from choice. Where is the choice? > > iang > > > > > On Mon, Apr 28, 2014 at 3:00 PM, James A. Donald <[email protected] > > <mailto:[email protected]>> wrote: > > > > On 2014-04-29 05:58, Ryan Carboni wrote: > > > > We happen to live on a planet where most users are ordinary > > users. > > > > > > given the extent of phishing, it's probably best we outsource > > trust to > > centralized authorities. > > Although it should be easier establishing your own certificate > > authority. > > > > > > Cannot outsource trust Ann usually knows more about Bob than a > > distant authority does. A certificate authority does not certify > > that Bob is trustworthy, but that his name is Bob. > > > > In practice, however we find that diverse entities have very similar > > names, and a single entity may have many names. > > > > > > _________________________________________________ > > cryptography mailing list > > [email protected] <mailto:[email protected]> > > http://lists.randombit.net/__mailman/listinfo/cryptography > > <http://lists.randombit.net/mailman/listinfo/cryptography> > > > > > > > > > > _______________________________________________ > > cryptography mailing list > > [email protected] > > http://lists.randombit.net/mailman/listinfo/cryptography > > > > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography >
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
