Saturday, April 21, 2012

Bitcoin and the State: Asking Permission to Be Free

By Beautyon
Irdial Discs
Friday, April 20, 2012

https://plus.google.com/104476128363316281935/posts/G8fFSkgNW4E

Should people who want to see the widespread and rapid adoption of Bitcoin seek tight regulation and integration with the State, or should they rely only on their skills as developers, marketers and entrepreneurs to create the rock solid, reliable and trustworthy products that people will use in their millions, like the other well known internet companies that have changed the way we do things?

A Bitcoin innovator has just applied for and received a registry entry from the US Federal Government's Financial Crimes Enforcement Network:

http://www.fincen.gov/financial_institutions/msb/msbstateselector.html

On that linked page you can read the following statement clarifying FinCEN's position on each entry they list:
"The inclusion of a business on the MSB Registration Web site is not a recommendation, certification of legitimacy, or endorsement of the business by any government agency."
This disclaimer appears on the certificate as the first paragraph, in large letters. The certificate also says that, “FinCEN does not verify information submitted by the MSB. Information provided on this site reflects only what was provided directly to FinCEN”.

It appears that anyone, can register as an MSB, and the department does no thorough checking into the business, its capitalization, the backgrounds of the directors, who funds it, where those funds originate, the security of the software that powers the service or anything else about it. Registrants are not required to be insured, or make a deposit of money as a guarantee to their customers should something go wrong. Applicants simply fill out a form, and then are entered on the FinCEN database unscrutinized. If registration with FinCEN is being done by anyone in the vain hope of securing some sort of government legitimacy or seal of approval, it really does not pass muster by any stretch of the imagination.

Showing that you are registered with FinCEN cannot act as a guarantee of any kind whatsoever, and FinCEN explicitly warns consumers not to rely upon a company's appearance on their register as proof of suitability, solvency or fitness for any purpose of any kind.

On the other hand, registration with FinCEN should serve as a warning to anyone thinking about using a business that is registered with them, and who also wants to maintain their privacy. A company listed with FinCEN has explicitly entered into a legally binding agreement with them to spy on its customers and partners and has a duty to report 'large and suspicious' transactions to the State. This means that in order to be compliant, you as a customer of a FinCEN registered business must be authentically identified and contactable by the registrant so that they can interrogate you should you move 'too many' of your own Bitcoins through their service.

For the record, there is no case law, no legal requirement, no legal precedent, and no legal opinion on the status Bitcoin of any kind. As is the case with almost all of the software that connects to the internet, what you think Bitcoin is, and what you choose to do with it is entirely your business, and that is how it should be. You are responsible for who you get into bed with, and it is not the place of the State to hold your hand and bottle feed you.

The real problem behind this FinCEN registration is the thinking driving those entrepreneurs who so desperately seek a stamp of legitimacy from the State. Rather than build secure services that are sticky, viral, disruptive and useful, it appears that these well meaning people are trying to get a psychological boost by receiving the blessings of the State. This simply will not work to catapult their businesses into widespread acceptance and profitability. And it will not help to gain them users; on the contrary, in the long term, it may make it impossible for them to even operate at all.

We have been here before. Other very fine, insightful people have initiated contact with 'the financial authorities' in the hope that they can integrate their businesses with the State to gain credibility, thankfully, only to find themselves rebuffed with the retort, "Bitcoin is not money".

Entrepreneurs breathed a sigh of relief and a little surprise on reading this correct conclusion from the State, for it means that there will be a significant amount of time before they reverse their position and weigh in to crush Bitcoin businesses, if they ever bother to do so at all. If they do, it will mean going back on their previous lengthy categorical statement that Bitcoin is not within their purview.

The bottom line question is this; do the advocates and entrepreneurs who pine for the mass adoption of Bitcoin want this world-changing event to be stillborn or not?

If they want it to succeed, and become rich and famous in the process, it is logical to refrain from doing anything that will prevent a miscarriage from happening, and any sort of registration other than that which provides operators with limited liability protection is surely a grave error.

Recent history has demonstrated amply that the State is not needed to make the magic of the market happen. The evidence for this is all over the internet and is represented by the internet itself. Bitcoin is a threat to traditional banking and the State, just as the internet is a threat to censorship, telecoms businesses, companies like Kodak, Penguin, EMI and many others. Anyone who has even a slight grasp of history understands that Bitcoin is dangerous to the status quo in a very real, and absolutely lethal sense. Why then would you even think of asking for permission to operate from the very people who stand to be wiped out by the success of the innovation you are working on? Not only that, but if other companies eschew registration and avoid all the inevitable fees and restrictions that are to come, they will be able to out compete you in terms of price and ability to pivot, putting you out of business. Trying to force Bitcoin to behave like money from a legal standpoint doesn’t make any sense either in terms of the definition of money, or the entrepreneur's requirement of a frictionless market space.

The FinCEN registration in question lists the company's MSB Activities: as 'Money transmitter', with the Number of Branches equaling 1. Clearly the language of this certificate is meant to refer to physically located bricks and mortar money services with branches on the street, not a network based Bitcoin business. More importantly are the facts of how this business actually works. The company accepts money and then provides its clients with Bitcoins, and it accepts Bitcoins from its clients and remits money to them in return. It does not at any stage, transmit money directly from one client to another. Quite how this business has been construed as a money transmitter is baffling; it is no different to Amazon, in its role as a second hand book trade intermediary, because all Bitcoins are second hand goods, if they are goods at all.

As I have said before, Bitcoin is not money. I say this both because it is not money, and because it is money. If Bitcoin is money, it will either be regulated to death or hampered into a crippled, non disruptive form, or taken over by the State. On the other hand, if Bitcoin is not money, it can flourish on the strength of its features just like SSL has, protecting everyone's transactions and communications world-wide.

If no regulation touches it, what you believe Bitcoin is, and how you choose to characterize it will ultimately not affect its utility; only the software built on it will define its nature. Building services based around Bitcoin is what counts, not registering with the State. Registering with the State will not cause users to adopt Bitcoin; only a compelling service will do this.

You need only look at the newest companies with tens of millions of users like Pinterest, Tumblr and Tinychat to understand what a compelling service looks like, and of course, none of those companies sought the registration of the State before gaining many users.

What we are seeing now is a myriad of experimental Bitcoin services emerging, as developers try and discover the correct balance of features that will make up the killer Bitcoin service. You will know what this service is when the number of people using it is increasing exponentially. No registration with the State, no banking license or other poisonous anointing will cause users to flock to your service.

But what if Bitcoin really is money? If Bitcoin is declared money by fiat, then this will kill it as a platform for small software developing entrants to write and launch services. Hysteria over money (which is actually the unquenchable thirst of the State for tax) has erected very large barriers to entry for anyone who wants to set up a disruptive financial service. In the USA, entrepreneurs have the Federal Government and then the State Governments to contend with. See Facebook's recent adventures in approval, licensing and certification, as they went from State to State paying exorbitant and ridiculous license fees and submitting applications. Facebook has the money and manpower to do this, so for them it is as simple as making a decision, allocating staff and sitting back and waiting. For the starving entrepreneur however, registering as a money service in every state of the Union is an impossibility. Bitcoin as it stands now, has no such artificial and offensive barriers, and you can operate at will across the entire USA, without having to expend capital on anything other than the bones of the service itself and Ramen to keep you alive.

If Bitcoin is not money, everything changes. Essentially, it means that the world of money transfers is subjected to the same network effects that caused the internet to explode over the last twenty years, with benefits to all mankind of a similar if not greater extent.

It is hard to imagine the scale of the cascade of the prosperity that will flow from Bitcoin becoming 'the money of the internet'. The imaginations of millions of people will be focused on creating new and exiting services built around it and fueled by it, in the same way that there are new websites and services popping up that no one could have imagined in the time before the internet.

Bitcoin in the hands of millions of innovators who are free to experiment and fail with it without any cost or regulation will change everything for the better, just as the internet has. What the people who seek the baptism of the State for Bitcoin are saying is analogous to saying in 1997 that anyone who wants to run a website should be forced to obtain a license from government before she puts it online. The internet that has so changed the world for the better simply would not exist in its current form if all entrants were forced to register with the State and pay for a license. The net would have ended up as a MiniTel 2.0. Go Google MiniTel.

I find the thinking behind the idea that Bitcoin services should be registered to be perplexing and fascinating. No one would dare suggest that a man wanting to publish a magazine, newspaper or book should be required to register with the State, but when it comes to money, or something that is money-like, that people are not even sure what its true nature is like Bitcoin, a different set of rules springs into being. It is well understood and accepted that, despite being an incorrect use of the word 'right', the power to publish is a right that all free men have. Why do people not understand that this right extends to publishing anything, not just words on a page?

Extending this line of thought, if Bitcoin services need to be registered by default, why then should not booksellers be registered? Why is there no 'PubCEN' for book publishers, or any other type of seller, and why do the people who advocate registration of Bitcoin businesses not advocate the registration of book publishers? There is a long history of book banning in the west, but publishers in free countries have never been required to register before they enter the business of book printing and distribution, and books are always banned after publication, not before publication and passing through a censorship board.

There are people who assert that financial regulations and registration are needed because money can be put to bad use. If you accept this premiss, you must also accept that plain information is as dangerous as money. The Dutch government works from this position, and does not allow scientific papers to be published without the permission of the State. Yes, that is correct; scientists need to obtain export licenses to publish academic papers; sheets of A4 with type on them. This is because the information in scientific papers “could be put to bad uses”. Correctly thinking people are scandalized by the idea of having to obtain a license to publish a scientific paper, but for some reason, when it comes to money or something that is money-like, like Bitcoin, the 'thinking' changes and all of a sudden, not only is registration seen as correct, desirable and beneficial but it is actively sought out, before the applicants even have a client base.

Why does the registration fetish not apply to every good that can be sold or transferred between two people? In the USA the parasites from the State have asked this question and answered, "Why not?!". This is the reason sellers of Raw Milk and organic vegetables have found themselves raided and placed in handcuffs as armed thugs point automatic weapons at their heads. It is why people who sell their old possessions in 'garage sales' are being harassed by the State. People who are thinking properly understand that these examples of State interference in publishing and exchange are unacceptable on principle; the question that I have not had a good, fallacy free answer to however is this, “Why is a money business a special case for registration by the State?”.

Bitcoin, living on the internet as it does, can be sent and received from anywhere and on any device. If the Americans developing Bitcoin services cripple themselves with a self inflicted wound of onerous regulations, the Bitcoins will see this as damage and flow around those services. The only answer to this effect is a world-wide harmonized Bitcoin law, so that there is no jurisdiction to escape to. This is not going to happen any time soon, as we have seen with ACTA. The various states of the world reflexively imitating the American way of doing things is coming to an end, and there are markets out there that are bigger than the USA, whose government and its malignant influence has been disproportionately large. Take for example, the fallacious idea of copyright and its term of the life of the author plus 70 years. China has just passed a law essentially limiting copyright exclusivity to three months:

http://www.techdirt.com/articles/20120409/09381318430/chinese-copyright-proposal-would-allow-compulsory-licensing-music-after-three-months.shtml

If Bitcoin becomes popular in any jurisdiction other than the USA, any American FinCEN regulations will become meaningless. American companies will simply be Balkanized, marginalized and excluded from the action. Note that only companies will be affected by this; individuals on the internet spending Bitcoins in China or anywhere else will not be affected at all. Anyone who has had the experience of buying exceptionally well made and inexpensive hand made clothes from Hong Kong knows what this will mean.

Thanks to the resilient nature of the internet, a Balkanized Bitcoin at the user level is not possible. There is no way that Bitcoin transfers can be stopped as they cross borders, just as it is not possible to prevent people from pirating Warez or downloading copies of films and TV shows.

What the State can do however, is prevent entrepreneurs from building a large central hub service built on top of Bitcoin. They can make it impossible to build a business based on Bitcoin or that overtly accepts it as a payment option. As long as some countries take no action against businesses accepting Bitcoin, there will be a vibrant market on the internet running with it. If that country is China, or Indonesia, or India or Brazil or any combination of countries with large populations, there will be a huge market operating on Bitcoin. The question then becomes how can people from the repressed western economies get a piece of the action? True entrepreneurs will smell the coffee (more likely, green tea) and simply flee the evil, crony capitalist jurisdictions for freer shores. Whatever solution is found by the creative people, the public that could use and benefit from the services is the ultimate loser, as they are reduced to using buggy, buggy whip, legacy surveillance systems from the twentieth century to make purchases online. That's credit cards over the internet by the way.

If you want to have a glimpse of what the repression of a service provider that is a central hub for Bitcoin might look like, you need look no further than the recent Hollywood sponsored armed raid and shut down of the file locker service Megaupload. People are still sharing files by the billion, but this business has been shut down and has had its assets seized. Rapidshare and several other file locker services have unilaterally capitulated and neutered their services so as not to attract the vicious attentions of the State. The Megaupload raid demonstrates the lengths parasites will go to to violently attack entrepreneurs.

Fundamentally this is a problem in morality and ethics. There is a difference between creating a piece of software and keeping its source code proprietary and secret, like Adobe's Photoshop, and using the State to kill competition. One is selfish and evil, and the other is a legitimate form of business practice arising out of the technology.

In crony capitalist countries, businessmen have the ability to use the State to kill and restrict competition. They do this because they do not have the will or the ability to survive in a free market; its easier to kill the competition than to be creative.

People who try and gain advantage through the leverage of the State are evil in my opinion; through no one's fault but theirs, they are not able to compete on a level playing field, and so they use violent tactics to keep competitors from entering.

It's rather like mobsters setting fire to businesses that try to emerge in their territory that compete with existing firms that they 'tax'. It is immoral, unethical, criminal and short sighted, and ultimately will fail, because the world is not suffering under a single mob's jurisdiction.

Now that computing in hand held devices has permeated every corner of the globe, we are beginning to see beneficial services emerge that are changing everything. M-PESA is a good example, where in a country with a population that is mostly unbanked, mobile phones have served as the platform for prolific money transfers. Superimpose the features of Bitcoin on the M-PESA success and then scale it to the entire world and you begin to see just what sort of revolution we are on the cusp of.

People talk of Bitcoin in terms of revolution. I agree with this sentiment, however a revolution, by definition, cannot happen by command or sanction of the State. The State is the carbon rod for your back that prevents critical mass. The State destroys revolutions in the field of business especially when those businesses constitute an attack upon it and its ability to control. Bitcoin cannot become a revolutionary service if it is regulated by the State. If you want this revolution to happen therefore, asking the State to authorize, shackle and penalize you doesn’t make any sense.

Bitcoin businesses will need to survive on very low margins. In order for them to spread into every transaction on the internet, the cost of getting them has to be very low. More market players will drive the cost of getting them down, and cause entrepreneurs to innovate. Artificially high barriers to entry will winnow out the small, agile entrants, and allow the remaining large players to charge a higher percentage for transactions. This will function as a form of friction when you enter or exit the Bitcoin ecosystem, slowing down the adoption and rates of transfer of money to and from Bitcoin. This is why no interference from the State of any kind is desirable. From a purely business point of view, regulations, license fees, guarantees, KYC reporting requirements, secured deposits and all arbitrary rules are very damaging to Bitcoin business models because the customer ultimately pays for them. Useful services will be crippled, delayed and even prevented from emerging by the State. What is needed is a plethora of different businesses and outlets, not a small number of State protected and sanctioned monopoly players. This is best for the consumer as well as the entrepreneur.

There is nothing anyone can do to stop a determined Statist from trying to shut out competitors by running to the State for protection. I guarantee you however, that someone is going to go to court to challenge the idea that Bitcoin is money, and that arbitrary licenses, fees, guarantees, registrations and everything else that comes from the State are applicable to Bitcoin businesses. Someone is going to make this challenge, perhaps on a purely philosophical basis, and the facts are going to be on their side.

When this happens, the court is going to either have to declare that Bitcoin is money, or that it is not money. Both of these outcomes have significant repercussions. If the court decides that Bitcoin is money, it means that anyone downloading the source and starting their own Block Chain has de-facto started their own currency. The last person who tried to start their own currency, Bernard von NotHaus, faces 15 years imprisonment and a fine of not more than $250,000 after being found guilty of counterfeiting by a jury. This will be the penalty for running an unlicensed Bitcoin Block Chain in the USA, should the Statists get their way and have the court rule that Bitcoin is money; anyone trying to set up a Block Chain will be branded a counterfeiter.

The next logical outcome is that the Bitcoin client will be regulated and re-engineered by the State or its agents so that it works (or doesn’t work) in ways that they stipulate. The lead developers of Bitcoin will either be coopeted by the State or replaced. If Bitcoin is money, the State will demand that it has absolute control over the network, since it is a part of the national infrastructure. This is exactly what they are doing now with the internet, threatening everyone with their vile 'kill switches', Domain Name seizures and bogus legislation.

Money is like plutonium to the State. They know its true power, and are obsessed with controlling it because they understand that by controlling the supply and nature of money and its flow, they control everything and everyone. To imagine that they will allow Bitcoin to be regulated with a 'light touch' is naïve in the extreme. The State will do anything they can to strangle Bitcoin if they cannot control it absolutely, and as the move to all digital money gathers steam (see MintChip http://onforb.es/IKPO5T and the fact that Denmark is openly and seriously considering going cashless: http://bit.ly/JeRgj9) the threat of Bitcoin will become absolutely clear even to the lowest and most stupid apparatchik.

This is entirely separate from the threat that the established money businesses will wake up to when Bitcoin takes off. These established businesses will work overtime to kill Bitcoin from both sides, the legislature and the service, to destroy Bitcoin businesses. They will lobby hard for equal regulation turning Bitcoin businesses into banks, while at the same time, denying service to any Bitcoin business, cutting off their ability to remit monies to their clients. Just ask those Bitcoin businesses that have had their bank accounts summarily terminated in a coordinated attack what this is like.

Bitcoin is a threat to the State, and in an all electronic money world, it is an existential threat. There is no possibility that the State will allow Bitcoin to supplant or even co exist with their centralized electronic fiat currency; the only way Bitcoin can win is if it becomes too big to destroy without dealing a fatal blow to the economy. I assure you that if SSL did not exist, it would not be adopted now because of 'fears over terrorists hiding their communications'. At the very least all SSL communications would require a back door in the form of the secret key being deposited with the State. This was actually legislated in France with PGP key pairs. It follows from all of this that what is required is the building of the world-changing Bitcoin services that are needed, without running to the State for prior approval or licensing, so that they become a de facto standard service that if it is tampered with in any way, will kill society.

Running to the State does not confer legitimacy. Amazon, Ebay and Underwriter's Laboratories didn’t need the state to confer trust or ensure reliability; they built consumer powered systems to protect their users and have grown very large and very trustworthy. Building trust takes time, and the people running to the State for its stamp of approval as a substitute for building trust over time and the related mechanisms that manage it are not thinking long term and are not willing to do the hard work of entrepreneurs.

If people think that a registration entry with the State will help them raise capital, they are mistaken. The evil talisman of the State will not convince any venture capitalist that an idea is sound; voo-doo signs and badges are not what VCs are looking for. Venture capitalists are looking for the killer idea, and the team that can execute it. The idea does not have to be particularly new or innovative, as we can see with TransferWise, which is as dull and disruptive as dishwater, and registered to the hilt. What is needed with Bitcoin is a single compelling idea, an irresistible concept and solution to a problem that only Bitcoin can solve.

We know that Bitcoin is revolutionary and extraordinary and that it is as disruptive as the internet itself. What is missing from the disruption equation is a consumer friendly set of features and capabilities that will cause its adoption to go viral.

Integrating with the State is not one of these features. No user out there cares that you have jumped through some arbitrary hoops for approval by the State. You need look no further than Skype to see what a proper approach to innovation looks like. No Skype user cares whether or not Skype has a license to operate as a telephone service; all they care about is that they can download the software and make perfect calls world-wide for nothing straight out of the box. The same is true for Bitcoin. All people want is to be able to download it, use it, buy what they need and transfer money to their friends and family as easily as possible. In order to make that happen, software expressing the correct small feature footprint and business model needs to be designed and developed, which has nothing to do with licenses from the State.

This registration of a Bitcoin business with FinCEN is a mistake, but it is not a big deal. FinCEN registration is not compulsory for Bitcoin businesses and they can painlessly de-register. What is wrong here is the signal that is being sent and the thinking driving the voluntary registrants to submit themselves to this, and it is this thinking that needs to be addressed.

As Bitcoin grows, this precedent of reflexively registering Bitcoin services as money services will be used to compel other entrepreneurs to register their businesses, and eventually they will all be made to pay fees and obtain arbitrarily crafted licenses, and that is an entirely bad thing. For anyone that wants to run a Bitcoin business in the United States of America that is. Banks in Switzerland are shunning Americans, closing the accounts of all U.S. citizens precisely because the U.S. regulations are completely over the top. The sensible, rational people of the world are simply not willing to put up with this mania. There is no money in it and it is immoral.

Finally let me be make my position on Bitcoin developers and entrepreneurs clear. Bitcoin is a tool and business for heroes. It is an unprecedented and unique invention, that straddles the abundance world of digital information and the world of scarce physical money. Bitcoin has the potential to transform the world. The people who involve themselves with it at any level are the forward thinkers, the brave and the innovative. They are the true entrepreneurs and pioneers, the risk takers and leaders. They are the sorts of people who make the world a better place to live in. I support them and their efforts.

The urge to succeed and to be a part of this revolution is very strong for entrepreneurs, and the desire to cover every possible eventuality to avoid pitfalls is just as powerful. In trying to reassure a skeptical public, some people make the critical mistake of believing that obtaining the stamp of approval of the State will help them reach their goals. This is a fundamental error, but it does not mean that they are bad people, in fact quite the contrary. These entrepreneurs are willing to fully expose themselves to the State and its humiliating scrutiny as a sacrificial demonstration of their clean purposes, good will and intention to offer a useful and trustworthy service. In the world of software however, there is absolutely no need for the State to certify people for any particular purpose.

The risk of involving the State in the early stages of Bitcoin's development is high. It could at the very least, retard the progress of Bitcoin and at worst, prevent the mass adoption of this new idea. And that would be a tragedy as great as if the internet had ended up as a world-wide AOL.

Reprinted with permission.

6 comments:

  1. Excellent. Excellent.

    The future is bright for bitcoin - with or without the US.

    Bitcoin will be grease for the machinery of humanity.

    ReplyDelete
  2. Good insight! Thanks.

    ReplyDelete
  3. thebitcoinreview.com

    over 800 sites listed

    http://www.thebitcoinreview.com/

    ReplyDelete
  4. The Euro Currency in the Light of the Progression Theorem

    Symposium on the Centennial of 'The Theory of Money and Credit'.
    Recorded 9 March 2012 at the Ludwig von Mises Institute in Auburn, Alabama.
    [20:16]
    From: Austrian Scholars Conference 2012 , Thursday, March 08, 2012

    by Thorsten Polleit

    MP3 file:
    http://library.mises.org/media/Austrian%20Scholars%20Conference%202012/The%20Euro%20Currency%20in%20the%20Light%20of%20the%20Progression%20Theorem%20Thorsten%20Polleit.mp3


    or:
    http://mises.org/media/7401/The-Euro-Currency-in-the-Light-of-the-Progression-Theorem


    The "progression theory" proposes that there is a natural progression by
    which the State seizes the function of money, monopolizes it by replacing it
    with fiat money, and the last stage is a single worldwide fiat currency.

    see also:
    The euro in the light of the progression theorem
    By Thorsten Polleit

    http://thorstenpolleit.com/ASCMarch2012.pdf


    [A lesson for Bitcoin as well. The Leviathan State cannot allow any truly private currency that it cannot control or press into its service for the purposes of taxation. The price of financial liberty from such a State will be that Bitcoin must come under increasing attempts by the State to crush it and anyone who dares to use is.

    Just recall what the US branch of the Leviathan State did to the founders of e-gold. They cozied up to the State by domesticating in the US and cooperating with its law enforcement officials, who showed no mercy when the time came to crush it.

    ReplyDelete
  5. > At the very least all SSL communications would require a back door in the form of the secret key being deposited with the State.

    Even if it's a not very known fact, SSL as used today in our browser has this backdoor.

    The flaw is not in SSL itself but in the handling of the certificate chain: our browsers comes with a set of "trusted" certificate issuers, so that every certificate issued by them is automatically considered trusted.

    The problem is that the government has the power to go to one of those central issuer (as Verisign) and force them to release a valid certificate to be used for a "man in the middle" attack, thus sniffing all the traffic of the user, while making everything work normally.

    So, while I think your reasoning is sound, the example you provide is not :-(

    ReplyDelete
    Replies
    1. I must argue with your SSL being vulnerable to the issuing agency argument.

      The way Verisign or any other authority makes your certificate "trusted" is by signing your _public_ key. They never see the private key which you generate yourself.

      This means the an trust authority, or a government with control over a trust authority could make a NEW certificate pointing to any domain.

      However, they could not impersonate an already issued certificate due to the fact that they never had access to the public key.

      I do admit that the way browsers are set up is flawed in that they will accept a different but informationally identical certificate as valid, however a quick change to the source code would correct that.

      Most software other than browsers will scream bloody murder if the certificate is different. Open source browser could be made to adopt that behavior today.

      While it is a bit of a threat with the current model it certainly can be worked around.

      Delete

Note: Only a member of this blog may post a comment.