著者: proper 日付: To: tails-dev 題目: Re: [Tails-dev] Removing SSL CA dependency for HTP
intrigeri <intrigeri@???> wrote: > I don't believe trust is a binary on/off thing. It's not because
> entity A trusts entity B for X, that it's safe and reasonable for
> entity A to rely on entity B for more and more things other than X.
> E.g. I would not find it a good idea if the Tor project started a free
> email hosting service. And I'm pretty sure they would not, with
> good reasons.
Valid point.
Conclusion, if we are going for hidden services, we need more hidden services.
> What makes you think it's harder to impersonate a Tor hidden service
> than a SSL CA shipped by Debian? Is it that hard to generate a HS key
> with the same 80-bits fingerprint than an existing one?
SSL CA's:
- relies on humans doing their job
- has theoretical flaws
- has practically been broken, recently!
Hidden services:
- relies on technology, distributed trust
- has theoretical flaws
- were never impersonated, until now.
That's why my bet is on the hidden services horse. If hidden services get impersonated in the future, torproject will adapt and fix the issue. On the other hand, I don't expect the SSL CA issue to be resolved anytime soon.
______________________________________________________
powered by Secure-Mail.biz - anonymous and secure e-mail accounts.