You're absolutely right that when you're using ScaleFT you're trusting both us (as operators of the CA) and your identity provider (in this case Facebook, but we have a bunch of other options more suitable for most businesses).
Handing over control isn't necessarily a bad thing. For example, I trust Google to operate a secure and reliable email service much more than I trust myself, leaving me to focus on my area of expertise. But trust is a complex thing and there are certainly situations where handing control to any third party is unacceptable.
For organizations that require complete control we can integrate with any SAML or OpenID Connect identity system, and we offer an on-premise version of ScaleFT.
> I trust Google to operate a secure and reliable email service much more than I trust myself
This sentence has got nothing to do with trust. You believe (maybe rightly so) that Gmail is more secure and reliable than any solution that can be cobbled-up individually.
Simply replacing "believe" with "trust" doesn't really mean the same though. English is a funny language. But then again that's what you probably meant when you said "Trust is a complex thing". Hmmmm... :)
You're absolutely right that when you're using ScaleFT you're trusting both us (as operators of the CA) and your identity provider (in this case Facebook, but we have a bunch of other options more suitable for most businesses).
Handing over control isn't necessarily a bad thing. For example, I trust Google to operate a secure and reliable email service much more than I trust myself, leaving me to focus on my area of expertise. But trust is a complex thing and there are certainly situations where handing control to any third party is unacceptable.
For organizations that require complete control we can integrate with any SAML or OpenID Connect identity system, and we offer an on-premise version of ScaleFT.