Ah Python, you have spoiled me for all other languages
Chris Angelico
rosuav at gmail.com
Sun May 24 11:35:37 EDT 2015
On Mon, May 25, 2015 at 1:26 AM, Marko Rauhamaa <marko at pacujo.net> wrote:
> Steven D'Aprano <steve at pearwood.info>:
>
>> On Sun, 24 May 2015 02:53 am, Marko Rauhamaa wrote:
>> "an authentication is considered valid if it is vouched for by the United
>> States, China, Russia *and* the European Union."
>>
>> [Emphasis in the original.]
>>
>> So if (let's say) the US, China and Russia all agree that a Certs-R-Us are a
>> legitimate CA,
>
> I never proposed those countries should agree on a legitimate CA. Each
> country would have their distinct, respective sets of CAs. A website
> would be considered legitimate only if it possessed certificates from
> all of the four domains.
You've added extra levels of indirection, but it comes to the same
thing. You're requiring that everyone who wants to conduct business on
the internet (taking credit card numbers etc) has to go through four
separate authentication processes, and a failure in any one of them
means the site is not considered legit.
> For the scheme to work, the countries would agree never to refuse to
> certify a legitimate entity.
Right. And "legitimate" is defined as "not refused by any of the four
countries". All they have to do is decide that something's not
legitimate, and bam, they're off air. ANY ONE of your four has this
power of veto.
ChrisA
More information about the Python-list
mailing list