Adrian Irving-Beer wrote: <snip of my own drivel> > The original (primary) idea was that the cert companies verify who you > are, sort of like PGP. Yeah, the diligent ones do this - I've gone through this many times with Entrust for clients. Thawte was pretty good (when Shuttleworth ran it), and Verisign is Verisign. The problem is that many not-so-diligent organizations have bought themselves into the chain of trust that traces back to a trusted root cert - meaning browsers will accept worthless certs as trustworthy. As long as a CA can establish a chain of authority back to a trusted root cert, Bob's your uncle. Over the last five years I've noticed a marked decrease in the quality of proof necessary to establish identity prior to cert issuance. IE automatically establishes Microsoft as a trusted root cert in every system that runs Windows. Do you think Microsoft should be trusted as a bank? or a government? I know of at least on incident where Verisign issued a Microsoft labelled cert to a clown in the states - useful for signing malware to install in luser's browsers. Microsoft signed it? It's got to be safe! Try to disable the MS root certs? All the on-line update stuff breaks. IF you don't blindly and completely trust Microsoft, you can't keep your system up-to-date and patched. > > The (secondary) idea was to prevent man-in-the-middle attacks by > ensuring that the 'in the middle' guy has to a) at least expend > more effort trying to get a similar certificate, and b) hopefully > not succeed. Successful MITM attacks can now be performed with free certs, or limited time run "trial" certs available for free by many TrustCos. My issue is that with chain of authority verification turned off by default in most browsers (bad, bad idea) and acceptance of browser developer's automatic root cert lists, users completely mindlessly trust and transact on the web with no value to the trust model. > > Obviously, I have no idea if either of these are still being practiced > by the companies in question. The idea of trusted root CA's was good in concept but it got highjacked by marketing types and turned into a cash cow. As time has passed, the lofty ideals targeted by the originators have become lost, and the model has completely failed. The PGP web-of-trust model seems to have stood up better over time because of the lack of profit motivation and the decentralized and gradiated trust concept. I trust Dave O. cause I know him face to face, so I can place a lower but still reasonable level of trust in people he certifies as trustworthy. I'm surprised no Internet/security heavyweight pundit like Schneier hasn't taken on the profit!-motivated TrustCo model as pointless and broken. -- Bill Strosberg