[Talk] SSL Certificates

Conrad Parker conrad at vergenet.net
Wed Feb 12 17:34:28 EST 2003


On Wed, Feb 12, 2003 at 04:19:42PM +1100, Ben Elliston wrote:
> I've often wondered why there isn't a volunteer-run grass roots SSL
> certificate authority.  While not completely without flaws, it could
> work if there was a wide enough group of trustworthy individuals to
> perform various levels of identity checking.  The certificate for the
> certificate authority could be included in major open source browsers
> like Mozilla and Konqueror.

ok, how would an organisation (like AUUG, Debian, or a local LUG) go
about implementing this? ie. assuming we know how to issue certs, and
we know how to sign GPG keys, what levels of identity checking would
be required, how would the CA be managed, etc.?

if multiple such groups did this, could they form a web of trust between
them in order to minimise the number of central/top-level CAs that
browsers would be required to know?

Conrad.



More information about the Talk mailing list