On Mon, Feb 21, 2011 at 2:34 PM, Tim Wilde <twilde@cymru.com> wrote:
Any static list is going to, by definition, have to exist within the source code, and thus will be very easy for an even moderately determined censor to find. If we're going to do that we had better be doing it with something that we know will cause massive collateral damage and thus would be much more likely to be avoided; I just don't see that happening with any of these devices.
I agree that forcing collateral damage is the key here. The current code generates 'random' certificates, but it's pretty easy to pattern match them and there's no collateral damage to doing so.
The hope was that something would be an obvious candidate. I've seen the Internet Widgets certificate a fair bit in personal experience, but it appears much less frequently than I expected.
If the random generation could be made much better then it's a reasonable answer, at the cost of more code complexity and no collateral damage. I suspect that the cat and mouse game only stops when the collateral damage is too large, or all self-signed certs are blocked.
AGL