On 29/04/2014 01:20 am, Ryan Carboni wrote: > One can always start with the difficult first step of uninstalling > certificate authorities you do not trust.
Yup. And if you don't like your country, you can hand in your passport on the way out. Marketing lies aside, it is clear that the ordinary user has no choice. iang > On Mon, Apr 28, 2014 at 4:42 PM, ianG <[email protected] > <mailto:[email protected]>> wrote: > > On 29/04/2014 00:12 am, Ryan Carboni wrote: > > trust is outsourced all the time in the non-cryptographic world > > trust is built up all the time, risks are taken all the time, choice is > taken all the time. > > > unless you do not have a bank account > > That's not outsourced, that's direct, person to bank, the person has a > choice, chooses to place her trust in that bank. Also, it is limited to > defined things that are required, can't be done by the person, and > bolstered by real backing such as FIDC. > > When you suggest "it's probably best we trust authorities" that is > CA-playbook crapola meaning "you must trust the authorities that have > been picked for you." The vector has been reversed, people are told > what has to happen, so there is no trust. > > Trust derives from choice. Where is the choice? > > iang > > > > > On Mon, Apr 28, 2014 at 3:00 PM, James A. Donald > <[email protected] <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>>> wrote: > > > > On 2014-04-29 05:58, Ryan Carboni wrote: > > > > We happen to live on a planet where most users are > ordinary > > users. > > > > > > given the extent of phishing, it's probably best we outsource > > trust to > > centralized authorities. > > Although it should be easier establishing your own certificate > > authority. > > > > > > Cannot outsource trust Ann usually knows more about Bob than a > > distant authority does. A certificate authority does not certify > > that Bob is trustworthy, but that his name is Bob. > > > > In practice, however we find that diverse entities have very > similar > > names, and a single entity may have many names. > > > > > > _________________________________________________ > > cryptography mailing list > > [email protected] <mailto:[email protected]> > <mailto:[email protected] <mailto:[email protected]>> > > http://lists.randombit.net/__mailman/listinfo/cryptography > > <http://lists.randombit.net/mailman/listinfo/cryptography> > > > > > > > > > > _______________________________________________ > > cryptography mailing list > > [email protected] <mailto:[email protected]> > > http://lists.randombit.net/mailman/listinfo/cryptography > > > > _______________________________________________ > cryptography mailing list > [email protected] <mailto:[email protected]> > http://lists.randombit.net/mailman/listinfo/cryptography > > > > > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography > _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
