Hacker News new | past | comments | ask | show | jobs | submit login

Let's not forget that one of the most successful attack vectors is social engineering, that is, tricking people into trusting you and making you part of the WoT.



Solvable by only ever issuing marginal trust (technically, if enough people get social engineered in, that still causes a problem, but that's a lot harder than a single person.

Trusting above marginal level should be reserved for very few people if any at all. I don't have anyone with full trust.


Sure. But if you are willing to trust some CA to issue me a HTTPS cert for my domain, why are you not willing to trust that I serve my public key for this domain suing this HTTPS cert to secure its transport? Oh, sure some adversary could gain control of the web server used for this and replace my pub.pem, but then I will notice and revoke it. And once enough people download and sign my pub.pem, it no longer matters: I am now in the WoT and can remove pub.pem.


I think the issue is that a lot of people who are informed about CAs don't trust them, but we still don't have anything better that's anywhere even close to wide adoption.


That's what key revocation is about though: its an assumption that the WoT will get things wrong, but that we'll be able to retroactively undo some problems.

Conversely, it is why anonymity is an orthogonal goal for non-realtime communications.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: