
CA Risk/History - dfc
http://wiki.cacert.org/Risk/History
======
rdl
This seems to be missing the fundamental vulnerability: there are hundreds of
CAs each allowed to make certs for any site.

At the very least, there should be a system where a site can safely declare
which CAs are allowed to sign certs for it, once one of them signs for it.
Otherwise, every marginal CA added decreases security. Some of the pinning
options work for this (cert/ca pinning, vs. key pinning like in Chrome), but
then you're exposed to "registrar blackmail risk", or issues when a CA just
goes out of business or something.

This is all sort of a problem for https server certs, but really destroys the
utility of the system for s/mime or any client certs other than internally
issued.

