If clients trust the cert and add it to their store, what happens when your key is stolen? Where’s the CRL And how is trust established with the provider of that CRL (which I assume is also self-signed and requires TOFU)? What if first contact is made with a MitM and trust is established with the actor?
With no third party trust anchor, how do you authenticate identity? You’ve got an encrypted connection but to who?
Certs on the public internet aren’t just about confidentiality and integrity, they’re about authenticity, something the author of the article doesn’t quite understand. Certificates are literally about binding identity to a key, with CAs providing a way to bootstrap trust of that binding.
There hasn’t really been a better proposed solution to this problem.
DANE/DNSSEC shifts trust from CAs to registrars, PGP Web of Trust is complex for users and adds friction to revocations, key pinning breaks catastrophically if you lose the key, DNS CAA just constrains the CA model but is still the same thing. Blockchain still has key loss issues and how do you handle disputes? Also you’re centralising things economically since biggest miners thus dominates.
SPKI was really interesting and actually positioned that identity key bindings via certs could negate the need for CAs if binding shifted to a protocol. It didn’t get anywhere though.
Don’t get me wrong, I have my own PKI and CA at home and “self-sign” internally but that’s fine when i can personally establish trust and authenticate but it doesn’t internet-scale where everyone is predominately strangers.
I once bought a pack of condoms from a vending machine in a gas station bathroom and the pack had a little red devil on it that looked incredibly familiar. I kept the box but goodness knows where in the house it is.
Here is how platforms die: first, they are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die. I call this enshittification, and it is a seemingly inevitable consequence arising from the combination of the ease of changing how a platform allocates value, combined with the nature of a "two-sided market", where a platform sits between buyers and sellers, hold each hostage to the other, raking off an ever-larger share of the value that passes between them.
This is representative democracy which is pretty much how most western-style democracies are today…
The risks you’re trying to mitigate are somewhat mitigated in a structure like the European Union has: the European Parliament, European Council, Council of the European Union, and European Commission, etc.
Rainbow Six Siege, Forza 6 / Horizon 3, Halo 5, Gears of War 4, Apex Legends, Fifa 20, COD:MW (remake) are a few examples of games that launched with 12 support only.
Note how they’re the big, blockbuster games that are widely played by most non hardcore gamers.
It’d take Roblox 2, COD:69, and Footballz9000 to launch with DX3D13 only to slow down the wheels on SteamOS/Linux. When average gamers can’t pick up and play the games marketed down their throats, they’ll ditch their Steam Decks for whatever MS are pedalling.
Valve have been amazing at funding and supporting CodeWeavers the past decade but even with Valve’s practically bottomless pit of money, it took 7 years just to barely catch up to a set of APIs that haven’t changed practically since 2014.
Playing catchup forever isn’t sustainable. Proton is a stop-gap while Valve try and shift an industry away from a behemoth. Native is the end goal, not maintaining middleware and a creaking stack of patches.
I mean, UWP and Appx was a thing that happened. I doubt it’ll be the last time MS attempt to shift away from PE.
Consumers are being forced to 11 and it seems to be working. I wouldn’t be surprised to see MS bifurcate their consumer and enterprise offerings to accelerate shifts in the consumer space and catalyse shifts in enterprise.
MS have been keen to take stricter control of binaries on their platform for a long time now.
The trick is to reply to posts about it saying something like “I can’t believe Nintendo are supporting the actions of ICE. I refuse to let my kids anywhere near Nintendo products!”
Again, I think you’re coming at this from enjoying Proton today but say DX13 comes out tomorrow, it could be years before Proton is compatible.
It took about 6 years for Proton to be somewhat capable at supporting DX3D 12 after 12 launched in 2014. Arguably it was closer to 7 or 8 years (that’s how long Proton took to get to the state it’s in today).
This is what I’m talking about. If MS purposefully make it difficult to reverse and reimplement (which they have an incentive to do), and game developers continue to focus and target MS platforms, we could be waiting half a decade to play those games on Linux.
If clients trust the cert and add it to their store, what happens when your key is stolen? Where’s the CRL And how is trust established with the provider of that CRL (which I assume is also self-signed and requires TOFU)? What if first contact is made with a MitM and trust is established with the actor?
With no third party trust anchor, how do you authenticate identity? You’ve got an encrypted connection but to who?
Certs on the public internet aren’t just about confidentiality and integrity, they’re about authenticity, something the author of the article doesn’t quite understand. Certificates are literally about binding identity to a key, with CAs providing a way to bootstrap trust of that binding.
There hasn’t really been a better proposed solution to this problem.
DANE/DNSSEC shifts trust from CAs to registrars, PGP Web of Trust is complex for users and adds friction to revocations, key pinning breaks catastrophically if you lose the key, DNS CAA just constrains the CA model but is still the same thing. Blockchain still has key loss issues and how do you handle disputes? Also you’re centralising things economically since biggest miners thus dominates.
SPKI was really interesting and actually positioned that identity key bindings via certs could negate the need for CAs if binding shifted to a protocol. It didn’t get anywhere though.
Don’t get me wrong, I have my own PKI and CA at home and “self-sign” internally but that’s fine when i can personally establish trust and authenticate but it doesn’t internet-scale where everyone is predominately strangers.