Ah Python, you have spoiled me for all other languages

Johannes Bauer dfnsonfsduifb at gmx.de
Sat May 23 09:17:27 EDT 2015


On 23.05.2015 14:44, Marko Rauhamaa wrote:
> Johannes Bauer <dfnsonfsduifb at gmx.de>:
> 
>> I dislike CAs as much as the next guy. But the problem of distributing
>> trust is just not easy to solve, a TTP is a way out. Do you have an
>> alternative that does not, at the same time as providing a solution,
>> also open up obvious attack surface?
> 
> Here's an idea: an authentication is considered valid if it is vouched
> for by the United States, China, Russia *and* the European Union. Those
> governments are the only entities that would have the right to delegate
> their respective certification powers to private entities. The
> governments would also offer to certify anybody in the world free of
> charge.

You propose that a set of multiple CA signatures (TTPs) is required and
that those CAs work for free.

Multiple problems with that.

Firstly, who is going to choose the TTPs? In your example you
arbitrarily chose four instances. Japan is missing from there, why?
Because you made arbitrary rules. Good luck convincing everyone
(especially the Japanese) that your choice is the "right" one. There is
never going to be agreement.

Secondly, any of the "chosen" TTPs can effectively DoS every other
country in your scenario. If the US and Russia have a conflict, each
party can become sloppy at their certifications and slow things down a
bit. Suddenly bank-of-russia.ru doesn't have a valid certificate
anymore, ooops.

Thirdly, the more TTPs you have, the less well the whole thing scales.
The whole idea of a trusted third party is that you can TRUST that party
and don't have to do additional checks (like checking agreement with
other TTPs).

Fourthly and lastly: How would this work? If I have a website running
https, how would I get my identity certified by Russia or China? I
should maybe mention that I speak neither Russian nor Chinese. And even
if I did or maybe if their CAs provided service in English, how would
they certify me? For personal identification purposes you often have to
appear in person, something that is impossible if you distribute the
scheme around the whole world.

All in all, the current CA system is shitty and has numerous problems,
but it's not like it's been designed by monkeys. Every alternative has
new problems, some of which may be even worse than the problems we have now.

Cheers,
Johannes

-- 
>> Where EXACTLY did you predict the quake again?
> At least not publicly!
Ah, the latest and to this day most ingenious stunt of our great
cosmologists: the secret prediction.
 - Karl Kaos on Rüdiger Thomas in dsa <hidbv3$om2$1 at speranza.aioe.org>


