Author: Gregory Maxwell 2012-11-27 00:16:07
Published on: 2012-11-27T00:16:07+00:00
In an email exchange among Gregory Maxwell, Luke-Jr and Jeff, concerns were raised about the centralized nature of Bitcoin and the need for a better system to ensure user security. The discussion focused on certificate authorities (CAs) and their role in ensuring secure connections. While a distributed-centralized model is generally accepted, there was concern that if each competing client had its own list of CAs, users still could not be sure that their CA was on all lists. Maxwell proposed using a static whitelist plus an OS-provided list, minus a user-configured blacklist, with sophisticated users able to disable the whitelist. Luke-Jr argued that this whitelist would be no different from the list of CAs included by default with every OS, and suggested taking the intersection of the Chrome, WebKit, and Firefox CA lists as a possible approach. Jeff added that self-signed certificates are quite common because they are easier while being more secure than using HTTP. However, the security of such sites is undermined by the warnings users receive, which can condition them to ignore security warnings. The discussion acknowledged the issues with the current CA system, but the participants agreed to focus on everything other than replacing it.
Updated on: 2023-05-19T16:12:19.576808+00:00