Philosophically, trust isn't a "solvable" problem. It can only be mitigated to varying degrees. However, some degree of trust is probably better than none.
Philosophically, trust isn't a "solvable" problem. It can only be mitigated to varying degrees. However, some degree of trust is probably better than none.
One thing is sure, pinning trust on trust chains down from Root Certificate Authorities is fundamentally incompatible with our notion of trust and an almost absurd idea to start with. Most people using a browser don't even know any person from such an organization nor would or should they have any rational reason to trust them.
> our notion of trust
I suspect I may have a different notion of trust than you
> Most people using a browser don't even know any person from such an organization nor would or should they have any rational reason to trust them.
Back up one step further -- most people using a browser don't understand the problem set we're talking about even exists