> This, in my opinion, can make all US encryption, even US-based
> certificate authorities really untrustworthy. What is to stop them from
> getting GoDaddy to give up their root certificates with a NSL and a
> small legal justification?
We need to catch a CA which does this, for example using Certificate Transparency.
Then handing over the CA private key is equivalent to committing company suicide.
This means that
1. CAs will fight with all they've got
2. If corruption is successful, eliminates US CAs one by one until there are none left to compel.
> some have suggested a rule #5: don't distribute updates automatically
> to your users and don't implement security critical functions in code
> that is delivered to the client via the server.
I don't think disabling auto-update is a good idea. What we need is secure auto update.
This involves:
1) requiring multiple signatures on the update by people in different jurisdictions
2) Reproducible builds
3) A Certificate Transparency like log of all updates.
I believe TOR is doing some work on points 1) and 2).