In this design all is about trust, where no-one can sneak in the side and set up undesired code.
Until GitHub changes its CA providers, nothing here is an issue, but if they did, how could we ever recover? This is why (for now) I have in my design to sign with my private key the certificates that are being used by GitHub and Amazon, such that they can be updated if needed.
I kind of doubt that they would coordinate with us in this scheme, so it is the only thing I can imagine.
At the same time, it feels like too much power in the hands of one person.
So, if you have ideas on how to improve on this scheme, please share.
PS. At the same time, we trust Apple, Google, Microsoft and whoever else to do the very same every day...