CA safety (Re: Microsoft supporting tyrants?)

Werner Koch wk at
Wed Mar 23 13:39:04 UTC 2011

On Wed, 23 Mar 2011 09:46, reiter at said:

> As for the CA safety: This is an important issue. I think two things should 
> happen: We need an initiative to evaluate root CAs and publish lists.

I don't agree.  The whole PKA business is broken.  A big part in this is
that it is, well, a business.  But it is not the only problem.  The
centralized approach does not match todays communication reality [1].

There is only one model which works, and that is the model we hacker
refuse to implement for ordinary users: ~/.ssh/known_hosts.  For all our
important stuff we use this ssh model because it is technically simple
to implement and simple to explain [2].  Try to explain X.509 or the

What to do?  Use self-signed X.509 certificates or gpg with
--always-trust.  Add the know_host stuff from ssh and design a good UI
to handle the error cases (key change, name changes, real MITM attacks).
Modern web browsers already have such UIs but their problem is that they
get into action way to often - unless you pay the Internet tax.



[1] Slides in German for a talk on this topic are at .
[2] Unfortunately there are projects which try to connect the ssh model
    with the X.509 PKI or the commonly used WoT PKI of OpenPGP.
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Discussion mailing list