SSL Co-op

Philip Shaw wahspilihp at gmail.com
Thu Jul 3 22:47:26 PDT 2014 

On 26 Jun 2014, at 5:51 , rysiek <rysiek at hackerspace.pl> wrote:

> So,
> 
> this has been proposed:
> http://www.hezmatt.org/~mpalmer/blog/2014/06/05/ssl-certificate-cooperative.html
> http://www.hezmatt.org/~mpalmer/blog/2014/06/25/moving-forward-with-an-ssl-coop.html
> http://www.sslcoop.org/
> 
> "The vision of the SSL Co-operative is to be a professionally-operated,
> member-controlled globally-trusted Certification Authority, serving the
> identity verification and management needs of its members.
> 
> At present, this initiative is in the analysis and planning stage.
> Investigation is underway to determine the full set of costs involved, both
> financial and temporal.
> 
> If you think a member-controlled CA that puts the interests of its members,
> and that of the Internet community, ahead of profits is a good idea, and
> might consider being a member if it gets off the ground, I would appreciate
> it if you would fill out a short survey letting me know a little bit about
> your organisation, to ensure that the co-op best serves your needs.”

http://www.cacert.org seems to be an attempt to do something like that, but there are two catches:

* CACert association membership is by nomination by pre-existing members, rather than being everyone with a certificate (or, perhaps more practically, open to everyone with a certificate).
* It hasn’t complied with the CA/Browser Forum rules, so isn’t included in any of the four main browser certificate lists.

I’m not sure how professional their operation is either: their class 1 certificates are issued robotically (although that doesn’t make them any worse than some for-profit CAs), and I haven’t actually looked into the verification they offer for class 3 certs.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 535 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140704/1f155917/attachment-0001.sig>

More information about the cypherpunks mailing list