22 Nov
2005
22 Nov
'05
3:32 p.m.
In message <17283.32422.105302.757816@roam.psg.com>, Randy Bush writes:
I believe a web of trust can be operationally feasible only if the web is more like a forest - if there are several well known examples of "tops" to the web. Otherwise, you have to be storing a plethora of different signers' certificates to be able to validate all the institution's certificates that come in.
you need those certs to verify the live data anyway
Right. The real issue is the trust determination -- how do you know that the certificate corresponds to something resembling reality (whatever that is)? --Steven M. Bellovin, http://www.cs.columbia.edu/~smb