[106717] in cryptography@c2.net mail archive
Re: Fingerprint Firefox Plugin?
daemon@ATHENA.MIT.EDU (Arcane Jill)
Mon Oct 29 13:12:10 2007
From: "Arcane Jill" <arcanejill@ramonsky.com>
To: <cryptography@metzdowd.com>
Cc: <zooko@zooko.com>
Date: Mon, 29 Oct 2007 15:23:11 -0000
-----Original Message-----
From: zooko [mailto:zooko@zooko.com]
Sent: 24 October 2007 06:52
To: Arcane Jill
Cc: cryptography@metzdowd.com
Subject: Re: Fingerprint Firefox Plugin?
> Please let us know how it works for you.
My experience is very positive. It seems to be /exactly/ what I want, because I
don't necessarily trust Verisign or Thwarte or any of the other hundreds of
Root CAs which my browser trusts. I don't believe that every single one of them
would say no if some government, or military, or corporation with enough money,
asked/ordered them to issue a bogus certificate, but I do know that if that
were to happen, the fingerprint would change, and Petname Tool would flag me a
warning. It is an absolutely wonderful tool, as it moves trust from where it
doesn't belong (a bunch of faceless organisations whom I have no more reason to
trust than the websites I'm visiting) to where it does belong (in my own
hands). I love it!
I guess other people might want to know this, either because they need to adopt
the same security principles (if they are sound), or to criticize it (if not).
Arcane Jill
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
