On Thu, May 23, 2002 at 03:05:49PM -0400, Adam Shostack wrote:
So what if we create the Cypherpunks Root CA, which (either) signs what you submit to it via a web page, or publish the secret key?
This won't achieve the desired effect because it will just destroy the S/MIME trust mechanism. S/MIME is based on the assumption that all CAs are trustworthy. Anyone can forge any identity for clients with that key installed. S/MIME isn't really compatible with the web of trust because because of the two tier trust system -- all CAs are assumed trustworthy and all users are not able to sign anything. By issuing a key and revealing it's private key, you elevate a rogue user to being a CA and then the system would be broken.
We then get the Cypherpunks Root CA key added to the browsers--it can't be that hard, the US postal service managed it...
I think you'd have to do it in reverse to stand a chance if you literally published the private key -- they're never going to add the public key for a known compromised private key. Also it costs lots of money, and takes some time to take effect. Adam