[cryptography] this house believes that user's control over the root list is a placebo
marsh at extendedsubset.com
Sun Jun 26 19:46:15 EDT 2011
On 06/26/2011 05:58 PM, Ian G wrote:
> On 26/06/11 5:50 AM, Ralph Holz wrote:
>> - you don't want to hurt the CAs too badly if you are a vendor
Vendors spend all day long talking internally and with other vendors.
Consequently, they tend to forget who holds the real money.
For most healthy vendors in a market economy, that's the customers.
Browsers seem to live on a planet without the usual market forces however.
In the case of Mozilla, 97% of their revenue comes "royalties"
of which 86% is one contract. It's a safe bet that's probably Google.
That contract is said to expire in November, and Google now makes a
Google seems to care more about actual security than Mozilla. Last I
checked Mozilla didn't even bother to sign all the addons for their own
package system, whereas we see Google doing things like pinning their
own certs in the Chrome codebase.
Maybe that's because Google actually runs services that people use (e.g.
>> - it still means researchers won't get the numbers they need. And
>> the circle closes - no numbers, no facts, no improvements, other
>> than those subjectively perceived.
> OK. So we need to show why researchers can benefit us with those
> numbers :)
Because having a system that's credibly secure will increase
adoption among organizations with money.
You can't credibly claim to defend against earthquakes while keeping
seismic resiliency data secret.
> (IMHO, the point is nothing to do with researchers. It's all to do
> with reputation. It's the only tool we have. So disclosure as a blunt
> weapon might work.)
Nothing undermines credibility and "trust" like public denials and secrecy.
CAs seem to think they can act like nuclear power plant operators or
something. But NPPs at least produce electric power! On the other hand,
every additional trusted root beyond the necessary minimum represents
The general public and those who defend networks understand the need to
take active network attacks seriously far more than than did just a year
or two ago.
More information about the cryptography