CA safety (Re: Microsoft supporting tyrants?)
Bernhard Reiter
reiter at fsfeurope.org
Wed Mar 23 08:46:26 UTC 2011
On Tuesday, 22 March 2011 21:08:31, Thomas Jost wrote:
> So this is really nothing new. And the issue is certainly not specific
> to Microsoft, it's really about trust in the CAs whose certificates are
> bundled with every browser
Also, any company operating in a country is to be expected to abide
by the laws of that country. Almost all countries have laws that include
special exceptions for surveillance in case of law enforcement or "secret"
services. If a company does not follow these laws, you have "the X breaks the
law" discussion as well. So it is a difficult question.
Overall I believe companies should care more and refuse to just help
country "officials" when they act against very commonly accepted human rights,
for example not providing a fair trial.
As for the CA safety: This is an important issue. I think two things should
happen: We need an initiative to evaluate root CAs and publish lists.
Also I think we should create a Free Software certificate checker that also
uses these lists, e.g. something like Gpg4win (I am one of the makers of
Gpg4win).
More evaluations of implementations would also be useful and the ability
of browsers to compare the last end certificate they saw.
Best,
Bernhard
--
FSFE -- Deputy Coordinator Germany (fsfeurope.org)
Your donation makes our work possible: www.fsfeurope.org/help/donate.en.html