From owner-freebsd-questions@FreeBSD.ORG  Wed Jan  7 02:56:55 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 90ED7106564A
	for <freebsd-questions@freebsd.org>;
	Wed,  7 Jan 2009 02:56:55 +0000 (UTC) (envelope-from on@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
	by mx1.freebsd.org (Postfix) with ESMTP id 154EF8FC13
	for <freebsd-questions@freebsd.org>;
	Wed,  7 Jan 2009 02:56:54 +0000 (UTC) (envelope-from on@cs.ait.ac.th)
Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5])
	by mail.cs.ait.ac.th (8.13.1/8.13.1) with ESMTP id n072sDBl072826
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Wed, 7 Jan 2009 09:54:13 +0700 (ICT)
	(envelope-from on@banyan.cs.ait.ac.th)
Received: (from on@localhost)
	by banyan.cs.ait.ac.th (8.14.2/8.12.11) id n072uhqW043681;
	Wed, 7 Jan 2009 09:56:43 +0700 (ICT)
Date: Wed, 7 Jan 2009 09:56:43 +0700 (ICT)
Message-Id: <200901070256.n072uhqW043681@banyan.cs.ait.ac.th>
From: Olivier Nicole <on@cs.ait.ac.th>
To: fbsd.questions@rachie.is-a-geek.net
In-reply-to: <200901061111.52155.fbsd.questions@rachie.is-a-geek.net> (message
	from Mel on Tue, 6 Jan 2009 11:11:52 -0900)
References: <20090102164412.GA1258@phenom.cordula.ws>
	<20090106102124.O34151@wojtek.tensor.gdynia.pl>
	<20090106193126.GA82164@kokopelli.hydra>
	<200901061111.52155.fbsd.questions@rachie.is-a-geek.net>
X-Virus-Scanned: on CSIM by amavisd-milter (http://www.amavis.org/)
Cc: perrin@apotheon.com, freebsd-questions@freebsd.org
Subject: Re: Foiling MITM attacks on source and ports trees
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jan 2009 02:56:56 -0000

Hi,

> It shouldn't be so hard to give every citizen the option to "get an online 
> certificate corresponding with their passport" and similarly for Chambers of 
> Commerce to provide certificates for businesses.

Only that would mean that 200 countries become Certificate Authorities
and tens of thousand of Chamber of Commerce become too.

Would you be ready to trust some very remote Chamber of Commerce of
some thrid world country to be a a thrustworthy CA?

Not to mention that to manage these so many CA, you need an
infrastructure that is yet to be deployed.

Best,

Olivier