[cryptography] this house believes that user's control over the root list is a placebo

Marsh Ray marsh at extendedsubset.com
Sun Jun 26 19:46:15 EDT 2011

On 06/26/2011 05:58 PM, Ian G wrote:
> On 26/06/11 5:50 AM, Ralph Holz wrote:
>> - you don't want to hurt the CAs too badly if you are a vendor

Vendors spend all day long talking internally and with other vendors.
Consequently, they tend to forget who holds the real money.

For most healthy vendors in a market economy, that's the customers. 
Browsers seem to live on a planet without the usual market forces however.

In the case of Mozilla, 97% of their revenue comes "royalties"
> http://www.mozilla.org/foundation/documents/mf-2009-audited-financial-statement.pdf
of which 86% is one contract. It's a safe bet that's probably Google.
That contract is said to expire in November, and Google now makes a 
"competing" browser.

Google seems to care more about actual security than Mozilla. Last I 
checked Mozilla didn't even bother to sign all the addons for their own 
package system, whereas we see Google doing things like pinning their 
own certs in the Chrome codebase.

Maybe that's because Google actually runs services that people use (e.g. 

>> - it still means researchers won't get the numbers they need. And
>> the circle closes - no numbers, no facts, no improvements, other
>> than those subjectively perceived.
> OK. So we need to show why researchers can benefit us with those
> numbers :)

Because having a system that's credibly secure will increase
adoption among organizations with money.

You can't credibly claim to defend against earthquakes while keeping 
seismic resiliency data secret.

> (IMHO, the point is nothing to do with researchers. It's all to do
> with reputation. It's the only tool we have. So disclosure as a blunt
> weapon might work.)

Nothing undermines credibility and "trust" like public denials and secrecy.

CAs seem to think they can act like nuclear power plant operators or 
something. But NPPs at least produce electric power! On the other hand, 
every additional trusted root beyond the necessary minimum represents 
pure risk.

The general public and those who defend networks understand the need to 
take active network attacks seriously far more than than did just a year 
or two ago.

- Marsh

More information about the cryptography mailing list