Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Why the dislike of X.509?

Richard Pieri <richard.pieri at> writes:

> On 8/26/2014 10:37 AM, markw at wrote:
>> *any* shared or distributed authority has the same issue.
> Shared is not distributed. Shared means more than one entity has
> authority. Each entity is a point of compromise for the entire system.
> Distributed means no single entity has authority; a quorum or a
> unanimous consensus is required. Compromise of one entity does not
> compromise the entire system.

So where does DNS come in?  I think most DNS experts would define it as
a "distributed" system.  However there *is* a single entity that has
authority -- the root servers.  Compromise of that would compromise the
whole DNS system.  However there are watchdogs all over the world whose
role is preventing that.

I would argue that it's not a clear dichotomy between "shared" and


       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL:    PP-ASEL-IA     N1NWH
       warlord at MIT.EDU                        PGP key available

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /