Web of Trust (a revolution)
Bruno Wolff III
bruno at wolff.to
Mon Mar 30 16:42:10 UTC 2009
On Mon, Mar 30, 2009 at 09:18:45 -0700,
Craig White <craigwhite at azapple.com> wrote:
> ----
> I agree that you are discussing the present day practical limitations
> but the concept of an open certificate authority would seem to defeat
> most, if not all of the problems of a corporate certificate authority
> such as Verisign or Thawte, etc. It would seem that those who harbor
> those concerns should join openca.org, help it reach critical mass, help
> it get root certificates installed in browsers by default, etc.
That isn't the real issue. I am not going to trust OpenCA any more than I
trust Versign or Thawte now. (i.e. if they have their certs in by default,
it just makes more certs for me to remove.)
What really needs to happen is a more sensible way of handling ssl connections.
What Firefox currently does is rediculous.
More information about the fedora-list
mailing list