I disagree with that assertion on a few levels. Regardless, thanks for the discussion.
There should be many trusted roots, as works well in securing https without one all-powerful corporation mediating.
-
-
it doesn't work well in HTTPS; there are various bad parties who sign things they shouldn't.
-
The certificate process is far more sound and transparent than any app store's vetting.
- 1 more reply
New conversation -
-
-
even if the HTTPS model were good (it isn't) the choice of which roots to trust is still down to Microsoft.
-
trusting indie stores is like trusting certificate authorities - & CAs can't be trusted
End of conversation
New conversation -
-
-
HTTPS's use of multiple trusted roots also opens the door to nation-state tampering.
-
Increased tampering in over-permission. Decreased tampering in over-censorship.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.