On 26 Jun 2014, at 5:51 , rysiek <rysiek@hackerspace.pl> wrote:
So,
this has been proposed: http://www.hezmatt.org/~mpalmer/blog/2014/06/05/ssl-certificate-cooperative.... http://www.hezmatt.org/~mpalmer/blog/2014/06/25/moving-forward-with-an-ssl-c... http://www.sslcoop.org/
"The vision of the SSL Co-operative is to be a professionally-operated, member-controlled globally-trusted Certification Authority, serving the identity verification and management needs of its members.
At present, this initiative is in the analysis and planning stage. Investigation is underway to determine the full set of costs involved, both financial and temporal.
If you think a member-controlled CA that puts the interests of its members, and that of the Internet community, ahead of profits is a good idea, and might consider being a member if it gets off the ground, I would appreciate it if you would fill out a short survey letting me know a little bit about your organisation, to ensure that the co-op best serves your needs.”
http://www.cacert.org seems to be an attempt to do something like that, but there are two catches: * CACert association membership is by nomination by pre-existing members, rather than being everyone with a certificate (or, perhaps more practically, open to everyone with a certificate). * It hasn’t complied with the CA/Browser Forum rules, so isn’t included in any of the four main browser certificate lists. I’m not sure how professional their operation is either: their class 1 certificates are issued robotically (although that doesn’t make them any worse than some for-profit CAs), and I haven’t actually looked into the verification they offer for class 3 certs.