In this case DigiNotar is being removed from browsers because nobody that lives in Mountain View happens to visit sites signed by DigiNotar. And aside from being Dutch, they're also unusually small (they only made 100k in revenue from certificate sales this year).
This is not the common case. There was a very similar incident with Comodo in March, and they weren't removed. This is because Comodo certifies some non-negligible portion of the internet (between 1/4 and 1/5th of certificates), and so removing them would break a lot of things.
The same is true for VeriSign, Thawte, Comodo RAs, Geotrust, Equifax, etc...
I don't trust any of these parties, and yet I kept them in my trust DB for years, because without them the internet was unusable.
What Convergence aims to do is make trust agility even easier than it was for DigiNotar, which itself was unusually simple for the CA model. It also aims to invert the trust relationship, and put trust decisions fully in the hands of the client.
I can appreciate that, I'm just not sure I understand how that will happen. I don't have a direct trust relationship with the vast majority of the internet, so I need to put my trust in somebody else I have a closer relationship with.
Right now, I trust the browser/OS vendors with the ability to black-list individual CAs (or white-list, as the case may be). In the "trust agility" model, I just have to choose somebody else I trust, right?
Maybe as a technical person who spends time in the security world, I can figure out who that should be, but isn't the average person going to find themselves in the same situation (trusting the browser/OS provider)?
Perhaps the better way to phrase this question is thus: How does this prevent 1/4th of the SSL Internet from going down when Comodo gets hacked?
The problem is that right now, in the common case, the browser/OS vendors can't black-list individual CAs. Their ability to do so with DigiNotar is exceptionally rare, and would not be possible most of the time.
Trust agility ensures that clients have the ability to make these trust decisions easily. A client does not necessarily have to be a user, it could still be the browser/OS vendors. For details on how Convergence works, in order to answer your question of how it prevents 1/4th of the SSL internet from going down when Comodo gets hacked, the best reference is (unfortunately) still the presentation: http://www.youtube.com/watch?v=Z7Wl2FW2TcA
The presentation cleared things up marvelously. It may be worth adding the presentation to the convergence.io details page, even if it was just a clip of the last few minutes where you talk about notaries. Once you went through that, everything cleared up.
This is not the common case. There was a very similar incident with Comodo in March, and they weren't removed. This is because Comodo certifies some non-negligible portion of the internet (between 1/4 and 1/5th of certificates), and so removing them would break a lot of things.
The same is true for VeriSign, Thawte, Comodo RAs, Geotrust, Equifax, etc...
I don't trust any of these parties, and yet I kept them in my trust DB for years, because without them the internet was unusable.
What Convergence aims to do is make trust agility even easier than it was for DigiNotar, which itself was unusually simple for the CA model. It also aims to invert the trust relationship, and put trust decisions fully in the hands of the client.