
And that's really fucking unworkable as a principle. Because you rely on trust thousands of times every day, if you want it or not.


> Because you rely on trust thousands of times every day,

Of course; everyone makes countless decisions about who to trust every day, as we adapt to our changing knowledge, environment, and situation. These decisions are necessarily unique to each person.

Trust is not transitive.

You can recommend some{one,thing} as trustworthy, and you can explain why you trust some{one,thing}. However, you cannot get other people to trust a 3rd party - even if they do trust you - simply by fiat. Trust is earned, and betraying existing trust is very hard to recover from.

This attitude that asks users to believe that trust is transitive but risk is not transitive is misguided, rude, and possibly sociopathic.


> Trust is not transitive.

So you only browse sites whose SSL cert was issued by Mozilla? Or do you trust the SSL root Store provided by Mozilla and your OS and, transitively, everyone they trust?


No, I do not trust the entire set of root authorities provided by Mozilla. I have disabled some of the certs. The entire PKI system - as currently implemented - is another abuse of trust. The user needs to be informed about the chain-of-trust that is currently vouching for the website they are using. The user also needs an easy way to indicate who they trust and the scope/limits of their trust. A proper web of trust[1] can respect the user.

[1] https://users.ece.cmu.edu/~adrian/630-f04/PGP-intro.html#p19


That you've disabled some of the Mozilla roots is laudable. However, you're still trusting every other root to trust their intermediaries to trust their intermediaries and on and on to trust the people they issue certs to. This is fundamentally how the modern internet works. The same is true for DNS as SSL.

As for your solution: a web of trust is also transitive, unless your depth of trust is one. If your depth of trust is one, the only way you're productively browsing the internet is by doing TOFU for every single cert at which point I have other questions.


You're completely missing the point; this isn't about technical protocols, nor is it about minimizing trust. I can choose to agree with Mozilla or a root CA[1]. Trusting intermediaries does not necessarily involve transitive trust. Someone that trusts Mozilla does not necessarily also trust a 3rd party simply because Mozilla trusts them. Mozilla cannot simply force anyone to trust a 3rd party by fiat, and attempting to do so (such as in the current situation) can easily be seen as a betrayal.

[1] re: root CAs and "trust the people they issue certs to" - that isn't how the current PKI system works. The CA is only vouching for the validity of a certificate. Trusting a CA's claims about the identity of the other end of an SSL connection is orthogonal to the trustworthiness of the 2nd party at the other side of the SSL socket.


SSL or not, websites are someone else's computer(s), they should not be trusted and you shouldn't be sending any more personal data than necessary to use the service. My point is that the software on my computer should not betray me and it's relatively easy to tell if it could. If there's no code in the software to send data out then it's good to go, no one needed to write any code and no one needed to opt-in or opt-out.


So it's all or nothing? With software it's really easy to not require trust, in fact it's harder for everyone involved for the requirement to be added. If Mozilla wants to be a user-data selling whore, then they need to be that and say that's what they are, or don't say anything about it at all like Chrome. They definitely shouldn't be selling user data and also saying user privacy is a primary focus.



