CA safety (Re: Microsoft supporting tyrants?)

Werner Koch wk at
Fri Mar 25 16:56:50 UTC 2011

On Fri, 25 Mar 2011 10:46, reiter at said:

> The slides were not available under [1] to me.
>> [1] Slides in German for a talk on this topic are at
>> .

> This does not make it perfect, but currently implementations are really 
> lacking so does some of the organisational support around it.
> To me business can particiapte doing some work, but as always, they need to be 
> controlled, e.g. by rules set by the people and controlled by the government.

A global hierarchical model with a root trusted by everyone will never
happen.  Thus we have this funny system with an unknown but larger
number of roots where every entity must trust all roots.  And each root
must trust all its registrars to never make a single error.  Even an
orwellian state is not able to guarantee this.  The global PKI idea is
broken - you can't fix it.

> I know many hacker that never check the fingerprints. Also this model has its 

It doesn't matter.  The important thing is that ssh loadly complains if
the domain does not anymore match the fingerprint stored at the first

> However X.509 or the web of trust model is not completely out of the windows 
> for me, it just needs other efforts to succeed. Why is there no maintained 
> list of CAs and their behaviour on the internet, that I know of?

Because the X.500 design requires exactly *one root CA* and not
hundreds.  By design such a list would have only one entry.

I agree that X.509 makes sense in a controlled environment where the
structure represents the internal organization.  That is in a large
company or in a centralized government.  Note that it would even not
work on the EU level, because the EU has no direct control over the
country governments.

> I agree it would be useful to implement this model with many security 
> applications e.g. for X.509, OpenPGP.

X.509 would be degraded to self-signed certificates, because the only
interesting thing is the fingerprint of the certificate.  With OpenPGP
we would use the always-trust model instead of the WoT; and use the
fingerprint to record the key-URL association.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Discussion mailing list