From section B.4.1 of draft-marid-csv-intro:
B.4.1 StartTLS
A common certificate method as used with StartTLS [RFC3207] can
authenticate an unknown server after an investment in signed periodic
digital certificates, encryption capabilities, and services of a
Certificate Authority. This investment creates a barrier for
large-scale use over the open Internet. Reliance on the certificate
signature also adds a need to vet Certificate Authorities in addition
to the confirmed domains.
Spontaneous communications are at the core of Internet design and
operation. So omission of a Certificate Authority is typically
allowed of clients. When this is allowed, StartTLS loses any ability
to authenticate the relationship of the client to its claimed domain
name.
Does this imply that the strong authentication provided by certificate
validation of TLS is to be subjugated by CSV, which is most likely to
be weaker authentication?
Also, I think many security-minded folks may disagree with the
characterization in the first paragraph. Opportunistic encryption with
peer authentication using TLS happens every day on the Internet.
-andy
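The name check the quoted draft text is talking about, as an added example that is not part of the thread or of the draft: a small Python routine that matches the dNSName entries of a peer certificate (in the dict layout ssl's getpeercert() returns; the certificate below is a constructed sample, not a real one) against the claimed domain, and that reports "unauthenticated" when the peer presented no certificate at all, which is the client-side case the draft describes.

```python
from typing import Optional

# Constructed sample in the shape returned by ssl.SSLSocket.getpeercert()
# for a CA-signed server certificate (assumption: names chosen for illustration).
SERVER_CERT = {
    "subject": ((("commonName", "mail.example.net"),),),
    "subjectAltName": (("DNS", "mail.example.net"), ("DNS", "*.example.net")),
    "issuer": ((("organizationName", "Example CA"),),),
}


def _dns_label_match(pattern: str, hostname: str) -> bool:
    """RFC 6125 style match: a wildcard is allowed only as the whole left-most label
    and must still leave at least two fixed labels ("*.example.net", not "*.net")."""
    p_labels = pattern.lower().split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        if len(p_labels) < 3 or not h_labels[0]:
            return False
        return p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def identity_matches(cert: dict, claimed_domain: str) -> bool:
    """True if the certificate names the claimed domain. subjectAltName dNSName
    entries take precedence; the subject CN is consulted only when there are none.
    Note: getpeercert() only fills these fields when the socket verified the chain."""
    if not cert:
        return False  # no certificate presented: nothing binds the claimed name
    dns_names = [v for (k, v) in cert.get("subjectAltName", ()) if k == "DNS"]
    if not dns_names:
        dns_names = [v for rdn in cert.get("subject", ()) for (k, v) in rdn
                     if k == "commonName"]
    return any(_dns_label_match(n, claimed_domain) for n in dns_names)


def peer_identity_after_starttls(peer_cert: Optional[dict], claimed_domain: str) -> str:
    """Summarise what StartTLS established about the peer's claimed domain.
    A client that omits a certificate (the common case the draft describes)
    ends up 'unauthenticated' even though the session is encrypted."""
    if not peer_cert:
        return "unauthenticated"
    return "authenticated" if identity_matches(peer_cert, claimed_domain) else "mismatch"
```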