To:
Steve Hanna <steve.hanna@sun.com>
Cc:
keydist@cafax.se
From:
Ted Hardie <Ted.Hardie@nominum.com>
Date:
Thu, 3 Jan 2002 14:03:40 -0800
Content-Disposition:
inline
Delivery-Date:
Thu Jan 3 23:03:43 2002
In-Reply-To:
<3C34C627.5B46D6B6@sun.com>; from steve.hanna@sun.com on Thu, Jan 03, 2002 at 03:59:19PM -0500
Reply-To:
Ted.Hardie@nominum.com
Sender:
owner-keydist@cafax.se
User-Agent:
Mutt/1.2.5i
Subject:
Re: From whence we came...
On Thu, Jan 03, 2002 at 03:59:19PM -0500, Steve Hanna wrote: > The requirement for a single global trusted root does bother me. > That's why I would rather use a PKI, where the user can configure > their own set of trust anchors. Most users will be happy with > whatever ships with the browser, but people who care can always > change it. And administrators who care can change the defaults > in the configuration files they distribute with the browser. Many internet applications don't have a user, much less a browser. It would be very useful for that class of applications to have some trust anchor that is globally available. If that trust anchor can in turn provide mechanisms that allow applications or users to pick and choose among other trust anchors for specific purposes, it would be a Good Thing. But we need someplace to stand if we're going to use this lever to move the world. regards, Ted Hardie