No, but they decide the moderation policy that incentivizes the content produced (by nature of selecting which users feel comfortable using their product and which do not).
For example, I do not feel comfortable using the same platform as people that post child sexual abuse material. X's Grok is infamous for generating such content on demand. I opt to use platforms that do not have this as a first-class feature. X has selected against my participation and for the participations of people who hold a contrary opinion to me. Even if Grok stops producing CSAM, that selection bias will persist.
Can you explain a bit more what you mean by "secure" in the context of "actual revocations"? The oxymoronic nature isn't self-evident enough for me to catch your intended meaning before my first cup of coffee.
How can you falsely revoke a certificate? If an attacker can revoke a certificate, either by falsifying the signature or possessing the necessary key material, it is by definition not a trustworthy certificate anymore, and the revocation is therefore correct.
In the public CA PKI, it is the CA which has the power to revoke their issued certificates. In other systems, it can be the private key for the certificate itself. In either case, the certificate is not to be trusted anymore.
Revocation is the least of your worries should your signature algorithm be broken in the future.
If you don't have the private key on hand to issue a revocation, your next best bet is to find a parser bug that convinces some subset of user agents that the valid certificate you don't hold the private key for is actually invalid. (Hence, a false revocation.)
And then, get those users into the habit of accepting invalid/revoked certificates if they want to access the site. And then after weeks of battling against their patience or endurance, then you offer an invalid cert for a MitM.
If you receive a forged crl, in the worst case it will revoke certificates that you can't trust anyway. Even if it says "certificate X is still good", that's equivalent to receiving no crl.
Yes but if you compare urban areas (where 80% of people live in both continents) in US and Europe it's not massively different (Europe maybe 2-4 more dense depending on the country/city).
Obviously you're not going to lay fibre to the last 1% of population in the US (for the most part).
Quantum computers don't break SHA256, nor would this attack be "reasonably attributable" to a SHA256 break.
In fact, if you have funds in a wallet that has never spent a transaction before (only received), it's still reasonably difficult for a CRQC to steal your funds. The trick is, the moment you've ever spent a transaction, now your public key is known (and therefore breakable).
(Yes, I'm aware of the literature on quantum search vs hash functions, but it's not a complete break like RSA or ECC.)
reply