[cap-talk] Firefox and identifiability, small steps or
large
Jed at Webstart
donnelley1 at webstart.com
Tue Feb 8 23:57:10 EST 2005
At 07:22 PM 2/8/2005, Ian G wrote:
...
>I think we are all agreed that the PKI
>model as deployed is "broken or in need
>of radical repair."
>
>However, where I think I differ from
>some is that I don't see that it is possible
>to change the model that is in place that
>much. In that, I know of no event that is
>likely to cause the browser manufacturers
>to change their code base over drastically
>and put in a new security model.
>
>So I see working with the current security
>model - sucky as it is - as about the only
>hope. This is somewhat ironic, given my
>past comments against the model, but
>security is nothing if not practical and
>deployed.
I believe both the Petname suggestion and the
YURL sort of mechanism fall within the approach
you suggest. There's nothing in those that to me
suggest a radical deviation from the existing
models.
Verisign might start squeaking if people were to
start having trust communicated from other sources,
but **** them, I gently argue. They've been doing
it to us for long enough, let them find another
business line.
--Jed http://www.webstart.com/jed/
More information about the cap-talk
mailing list