[Talk] SSL Certificates

Greg 'groggy' Lehey Greg.Lehey at auug.org.au
Thu Feb 13 14:37:14 EST 2003


On Wednesday, 12 February 2003 at 17:34:28 +1100, Conrad Parker wrote:
> On Wed, Feb 12, 2003 at 04:19:42PM +1100, Ben Elliston wrote:
>> I've often wondered why there isn't a volunteer-run grass roots SSL
>> certificate authority.  While not completely without flaws, it could
>> work if there was a wide enough group of trustworthy individuals to
>> perform various levels of identity checking.  The certificate for the
>> certificate authority could be included in major open source browsers
>> like Mozilla and Konqueror.
>
> ok, how would an organisation (like AUUG, Debian, or a local LUG) go
> about implementing this? ie. assuming we know how to issue certs, and
> we know how to sign GPG keys, what levels of identity checking would
> be required, how would the CA be managed, etc.?

FWIW, this is one of the membership benefits that we have been talking
about in the past.  I think the board is agreed that this is a good
idea, but we haven't found anybody to address the details, notably the
trust issues you mention.  There will be a board meeting next Saturday
(22 February).  If some volunteer could come up with a concrete
proposal by then, we could talk about implementing it pretty quickly.

Greg
--
See complete headers for address and phone numbers
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.auug.org.au/pipermail/talk/attachments/20030213/94e9ef00/attachment.pgp>


More information about the Talk mailing list