[linux-elitists] SSL security certificates
Thu Apr 10 17:46:53 PDT 2003
On Thu, Apr 10, 2003 at 05:36:01PM -0700, email@example.com wrote:
> The "web of trust" is even more broken than the Thawte/Verisign
> Once you start delagating assurances like this , you've fucked
> No one in their right mind would trust it more than they would a
> self-signed certificate.
Raph Levien has put some thought into this. In the analysis of his
protocols, he classifies people (public keys) into three groups, `good',
`malicious', and `confused'. Good and confused nodes never do anything
bad directly, but a confused node may sign the key of a malicious node.
More information about the linux-elitists