[Cryptography] "Trust in digital certificate ecosystem eroding"
Bill Frantz
frantz at pwpconsult.com
Fri May 1 11:33:23 EDT 2015
On 5/1/15 at 3:34 PM, andreas.junius at gmail.com (Andreas Junius) wrote:
>... But there are now thousands of CA's and it is now nearly
>impossible to trust all of them as an individual.
>
>I don't know how to fix that problem. Maybe it could help to
>make it more visible to the average user.
One thing that might help is to display, by default or simple UI
action, the trust chain. E.g. "Verisign.com says that this page
is from WellsFargo.com." The CAs should like it since it puts
their brand in front of users. It also might make organizations
reluctant to change CAs.
If I ran the zoo, I would phrase the display of intermediate CAs
so the top level CA accepted responsibility for their behavior.
E.g. "CACert.com says that Citi.com says that this page is from CitiTrustManagement.com."
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | When it comes to the world | Periwinkle
(408)356-8506 | around us, is there any choice | 16345
Englewood Ave
www.pwpconsult.com | but to explore? - Lisa Randall | Los Gatos,
CA 95032
More information about the cryptography
mailing list