Author: Gregory Maxwell 2012-11-26 23:32:46
Published on: 2012-11-26T23:32:46+00:00
The discussion is about the importance of consistency for sellers and how it can be achieved through predicting which Certificate Authorities (CAs) the user has. The risk of unverified invoices being manipulated by viruses or users is also highlighted. The use of the OS cert store is discussed and it is pointed out that it could restrict merchants to the intersection of what ships in all the operating systems their users use. The issue of false positives in the cert system is also brought up, which can lead to people losing trust in the system. The idea of a static whitelist plus an OS provided list minus a user configured blacklist and the ability for sophisticated users to disable the whitelist is suggested as a possible solution. This would allow people to trust that if their cert is signed via one on the whitelist they'll work for ALL normal users, while advanced users who can deal with sorting out failure can still have complete control including OS based control. This way, the UI can have very strong behavior that protects people from clicking a 'disable all security because tldr' button.
Updated on: 2023-05-19T16:13:12.772228+00:00