With regards to the thread on multiple TA-Authorities (TAA), this
is why
I was a bit insistent earlier that we focus initially on the
Enterprise
environment (since its easier).
Within the Enterprise there is typically a single TAA (eg. IT admin),
and she/he will be the entity doing the adding/deleting of all Trust
Anchors for all the machines & devices within the Enterprise. (PS. I'm
assuming here that commands to install/delete TAs will be
accompanied by
the appropriate source authentication).
In the Consumer space, TA usage and management may have to be
application-driven. Meaning that if an organization (e.g. Bank,
SalesForce.com, etc) requires its TA to be present at the client
end-point before allowing a transaction, then the home-user will just
have to accept such installation (ie. press "Yes" at the dialog box).
If a Bank's TA is inadvertently deleted (eg. by a user, malware or
another TA), then the Bank will just have to install it again the next
time the user seeks to transact with the Bank.
If a virus or malware succeeds in deleting or modifying TAs at a
consumer machine, well the consumer will simply have to (somehow)
install them back agaian (eg. from backup).
/thomas/