ietf-asrg

RE: [Asrg] Re: E-postage

2004-04-22 07:47:23
Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com> wrote:

[snip]

There would be an issue of distributed trust. Your ISP has to establish
trust with each ISP that issues stamps. A more viable solution would be
using a few centralized authorities to issue certificates that can allow
ISPs to issue stamps. But then you run into the question of what happens
if a spammer operates an ISP. Today's CAs do not revoke certificates for
policy reasons but that can probably be changed.

Why do you think that can be changed?  The CAs are in the CA business to
make money.  Managing a revocation list and making it accessible is an
expense, and there appears to be no return on it.  The CA has maybe never
heard of a person who relies on a certificate, has no contractual
relationship with someone who relies on a certificate, so someone who relies
on the certificate has no come-back against the CA, the CA has no liability
for any loss incurred through reliance on its certificates.  On the other
hand, the CA has a clear contractual relationship with the person it
certifies (at least in the current model, where the person certified buys
the certificate from the CA), so if it revokes the certificate it may get
dragged through the courts (win or lose, being dragged through the courts is
a pain no-one wants).  So why would a CA set up an expensive revocation
mechanism and risk court action against it by its customers in order to make
someone who has no connection at all with it a bit happier?

Tom


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg


