[Servercert-wg] Displaying secure sites to Internet users

Ryan Sleevi sleevi at google.com
Sun Nov 17 16:21:50 MST 2019

On Sun, Nov 17, 2019 at 6:14 PM Christian Heutger <ch at psw.net> wrote:

> Then provide alternative solutions. What’s then reliable? Are you also
> promoting to revoke all passports and ID cards, as there are also mistakes
> been done on verifying their data? I know many occurrences of
> inconsistencies there as well, however, passports, company registers etc.
> still exist and bank accounts, identity services beside PKI all rely on
> them. Just CA shouldn’t? My name isn’t Christian Heutger, my given name on
> birth is Joerg Christian Heutger, as recent passports didn’t show, my
> driver license is just on Christian Heutger, do I need to cut it now or is
> it better than nothing. We could still just rely on, that I’m a human, as
> that’s the lowest value, which isn’t deny-able.


I think this suffers from the logical fallacy of attempting to shift the
burden of proof. It's an easy mistake to make, but it doesn't help further
the discussion.

There's a lot hanging on your question, which we haven't really yet
captured. You haven't defined the problem for which alternative solutions
need to be found, nor have we even captured how the implied solution (EV
Certificates?) solves that problem either.

It's useful to focus on what's before us, rather than getting distracted by
analogies like passports and ID cards, which don't really hold up.

Could you perhaps reframe your position into a clearly articulated problem
statement? And then a clear articulation of what you see the solution as?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191117/23813768/attachment-0001.html>

More information about the Servercert-wg mailing list