[125267] in cryptography@c2.net mail archive
Re: Can we copy trust?
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Wed Jun 4 10:07:51 2008
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com, mheyman@gmail.com
Cc: edgerck@nma.com
In-Reply-To: <5c8fcb9c0806031146x759cf3a5q2359f9733ee19b00@mail.gmail.com>
Date: Wed, 04 Jun 2008 18:50:50 +1200
[Moderator's note: I'm letting just this one through, because I think
Peter's point bears repeating. --Perry]
"mheyman@gmail.com" <mheyman@gmail.com> writes:
>IT departments put corporate trusted CA certificates in employees computers.
>The US DoD puts their trusted root certificates in DoD computers. All these
>actions copy trust with high fidelity.
They don't copy any trust at all, they copy a (usually expensive)
cryptographic cookie that turns off browser warning messages.
(They do copy the cookies with high fidelity though, if one bit is corrupted
then the cookie becomes invalid).
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
