From owner-freebsd-questions@FreeBSD.ORG Wed Jan 7 02:56:55 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 90ED7106564A for ; Wed, 7 Jan 2009 02:56:55 +0000 (UTC) (envelope-from on@cs.ait.ac.th) Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16]) by mx1.freebsd.org (Postfix) with ESMTP id 154EF8FC13 for ; Wed, 7 Jan 2009 02:56:54 +0000 (UTC) (envelope-from on@cs.ait.ac.th) Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5]) by mail.cs.ait.ac.th (8.13.1/8.13.1) with ESMTP id n072sDBl072826 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 7 Jan 2009 09:54:13 +0700 (ICT) (envelope-from on@banyan.cs.ait.ac.th) Received: (from on@localhost) by banyan.cs.ait.ac.th (8.14.2/8.12.11) id n072uhqW043681; Wed, 7 Jan 2009 09:56:43 +0700 (ICT) Date: Wed, 7 Jan 2009 09:56:43 +0700 (ICT) Message-Id: <200901070256.n072uhqW043681@banyan.cs.ait.ac.th> From: Olivier Nicole To: fbsd.questions@rachie.is-a-geek.net In-reply-to: <200901061111.52155.fbsd.questions@rachie.is-a-geek.net> (message from Mel on Tue, 6 Jan 2009 11:11:52 -0900) References: <20090102164412.GA1258@phenom.cordula.ws> <20090106102124.O34151@wojtek.tensor.gdynia.pl> <20090106193126.GA82164@kokopelli.hydra> <200901061111.52155.fbsd.questions@rachie.is-a-geek.net> X-Virus-Scanned: on CSIM by amavisd-milter (http://www.amavis.org/) Cc: perrin@apotheon.com, freebsd-questions@freebsd.org Subject: Re: Foiling MITM attacks on source and ports trees X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jan 2009 02:56:56 -0000 Hi, > It shouldn't be so hard to give every citizen the option to "get an online > certificate corresponding with their passport" and similarly for Chambers of > Commerce to provide certificates for businesses. Only that would mean that 200 countries become Certificate Authorities and tens of thousand of Chamber of Commerce become too. Would you be ready to trust some very remote Chamber of Commerce of some thrid world country to be a a thrustworthy CA? Not to mention that to manage these so many CA, you need an infrastructure that is yet to be deployed. Best, Olivier