[TrustBar] [Fwd: Re: Low assurance SSL CAs]

Duane duane at cacert.org
Tue Feb 15 23:04:51 EST 2005


Someone suggested I post my ideas in the hope they might be incorporated 
into this plug-in...

There is a discussion going on in the Netscape newsgroups at present over 
how current browser security is binary, either on or off, in the form of 
seeing a lock or no lock.

My thinking is that this isn't good enough, and there is no standard way 
to represent different grades of how much trust should be put into 
certificate providers. Even though some providers have "Class 1/2/3" on 
their root certificate, this isn't standardised in any way; even 
WebTrust doesn't sanitise the information on root certificates, it judges 
what's listed in CPS documents and verifies they match the CA practice. 
Below are my suggestions on how it might be better handled.

The question I have is, are my ideas feasible at all?

-- 

Best regards,
  Duane

http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://happysnapper.com.au - Sell your photos over the net!
http://e164.org - Using Enum.164 to interconnect asterisk servers

"In the long run the pessimist may be proved right,
     but the optimist has a better time on the trip."
-------------- next part --------------
An embedded message was scrubbed...
From: Duane <duane at cacert.org>
Subject: Re: Low assurance SSL CAs
Date: Tue, 15 Feb 2005 21:50:55 +1100
Size: 4941
Url: http://mozdev.org/pipermail/trustbar/attachments/20050215/3b330e28/LowassuranceSSLCAs.eml

