[14071] in cryptography@c2.net mail archive
Re: Is cryptography where security took the wrong branch?
daemon@ATHENA.MIT.EDU (Eric Rescorla)
Sun Sep 7 23:09:17 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: "James A. Donald" <jamesd@echeque.com>
Cc: crypto <cryptography@metzdowd.com>
Reply-To: EKR <ekr@rtfm.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: 07 Sep 2003 15:13:43 -0700
In-Reply-To: <3F5B24DE.11625.5138C82@localhost>
"James A. Donald" <jamesd@echeque.com> writes:
> --
> On 7 Sep 2003 at 9:48, Eric Rescorla wrote:
> > It seems to me that your issue is with the authentication
> > model enforced by browsers in the HTTPS context, not with SSL
> > proper.
>
> To the extent that trust information is centrally handled, as
> it is handled by browsers, it will tend to be applied in ways
> that benefit the state and the central authority.
Yeah, I'd noticed that being able to buy stuff at Amazon
really didn't benefit me at all.
-Ekr
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
