On 2011 December 19 Monday, Jorge Timón wrote:
> Ok, so HTTP is not an option unless it shows a huge warning. I don't
> know the HTTPS possible attack, but maybe it needs a warning message
> too, from what you people are saying. Although using namecoin to

The problems with HTTPS have been social rather than technical.  Multiple CAs 
have been strong-armed by governments or tricked into issuing fake 
certificates by scammers.  There is no technical measure around that.  By 
using the CA certificate we are saying to the system "here is someone I trust 
to issue a certificate".  So far, with a large number of CAs, that trust is 
misplaced.

I'm of the opinion though that this problem is outside the remit of bitcoin to 
solve.

Perhaps we should be more strict about which CA certificates are trusted by 
the bitcoin client: say restrict it to those who have demonstrably good 
practices for verifying identity; rather than the ridiculous amount of trust 
that comes pre-installed for me in my browser.



Andy

-- 
Dr Andy Parkins
andyparkins@gmail.com