"Who decided that a centralized entity could be the authority for these things, anyway, instead of a Web of Trust?"
Usability.
Try explaining to a non-technical person how to bootstrap their trust system.
Things either "just work" or they are broken, at least for 99% of users. I'd even count myself as part of that group. I'm a highly technical user, but I'm usually too busy to futz around with stuff. I get something akin to road rage when stuff doesn't work and get out of the way. I played a lot with stuff when I was younger but I don't have time for that crap anymore.
> Try explaining to a non-technical person how to bootstrap their trust system.
It can be automated. There are many examples now of headless networks- Bitcoin, Bittorrent, etc. A browser could connect to such a network, and when connecting to a server, could verify how many signatures from other parties have signed the certificate from that server. Then, this information could be cached, as long as the public key stayed the same. The process would have to be renewed for any new domain connected to via HTTPS, though.
From an administration standpoint, the domain holder would just have to request that a certain number of existing entities sign their cert. Maybe they could pay them a nominal fee to cover the admin task.
Admittedly, it took me years to come around to understanding this stuff (which is, essentially, public-private key encryption and digital signatures, and where "trust" comes from, and reading about PGP/GPG) to enough of a degree that the existing system started to not make much sense to me.
I believe Namecoin (http://namecoin.info/) tried to solve this problem using Bitcoin blockchain tech, but they appear to be WAY before their time. Using their tech, I believe that both domain name management as well as certificate generation and signing could be automated.
The problem is that we're mixing encryption and authentication in one bag. Somehow we've managed to teach every non tech-savvy users to be more scared of a self-signed certificate than browsing the very same page unencrypted.
"Accessing the server directly via http://213.73.89.123/ currently appears to work quite well, thereby rendering the censorship efforts useless."
So would appear to be at a DNS level of blocking perhaps, tested the internet access I have at hand currently (using ISP's DNS offered to punters and not direct IP access):
Three (Mobile telco) works upon a data dongle. Also O2 (Another mobile network) works just fine with this site. The last also covers a large user base internet access wise and tends to be up there with regards of blocking sites at governmental whims.
So beyond Vodaphone do we know which other UK ISP's also block this site?
Both https://www.ccc.de/ and http://www.ccc.de/ and all pages below those reachable fine on EE consumer adsl over copper here in sunny Birmingham UK. I happen to be using Epiphany web browser on an alpha install of gNewSense 4.
The Open Media gallery in Birmingham (just under part of New Street Station) has a joint exhibition by a local artist and the CCC.
I am absolutely against this blanket form of ISP-level censorship, but I have to wonder if the intended clientele of CCC (i.e., technically-minded, curious, etc) would be very the near the top of the list of people who could bypass this block with trivial effort. Sort of self-defeating, really.
If you were a young, inspired enthusiast and you never found out that CCC existed, don't you think that's sad? It's unfair to deprive such knowledge, from someone who hasn't had the chance to find it yet.
In most parts of the world optional means something you can opt-in to. Not something you have to painfully opt-out and be permanently put on the list of "those people".
In most parts of the world optional means optional.
If you're talking about the US in particular there are MANY things which are opt out (e.g. newsletters, sharing your information, recurring subscriptions after trial, organ donation (in some states, when applying for a driving licence), nude body scanners, and so on).
While I agree these filters should be opt-in, not opt-out, I think your claim that most of the world does it the other way is simply inaccurate. Even with kid-friendly net filters a lot of other countries and ISPs you are opted in unless you uncheck that box or request it.
Which register are you put on? Or are you willing to state that you are completely sure that you are put on no register at all and this information that you "unticked a box" will not be used against you?
None, to my knowledge. Your ISP obviously has a 'no filters' flag somewhere, but they're not exactly telling the Government.
> Or are you willing to state that you are completely sure that you are put on no register at all and this information that you "unticked a box" will not be used against you?
We have pretty strict privacy laws, using it against you would probably be illegal.
The filters you refer to aren't the ones CCC is moaning about. Yes, The Pirate Bay (on its original domain only) and a limited number of proxies are blocked by court order on the few popular ISPs that control most of the market. But the CCC isn't, and the vast majority of the stuff people are upset about isn't.
The CCC isn't wrong (I assume), the poster that TazeTSnitchzel was replying to is wrong. The CCC's website is, according to them, caught up in the content filters that all ISPs now provide as an optional service, which block things from pornography to filesharing and gambling sites.
The majority of people in the UK are not currently under this filter, and the rest can opt out if they choose to do so. This is not the case with court-blocked sites like The Pirate Bay.
WOW Having read the history of that company I'm somewhat flabbergasted at the prospect that a company that made child porn would be protected intellectually over the Chaos Computer Club, which we can safely say has nothing in common with this Color Climax Corporation. More so for the UK at least, given such practices in such times were not legal then. Though I suspect this would be some EU ruling and the moral and ethics of this are moot in the black and white production line of the legal world in some fields sadly. Processed guilty by default and you have to prove innocents by exception, which seems to be how anything copyrighted on the internet is handled.
