> * Less scary warnings about self-signed certificates (i.e. treat 
> HTTPS+selfsigned like we do with HTTP now, and treat HTTP like we do with 
> HTTPS+selfsigned now); the fact that self-signed HTTPS is treated as less 
> secure than HTTP is - to put this as politely and gently as possible - a pile 
> of bovine manure

I am against this. Both are insecure and should be treated as such. How is your 
browser supposed to know that gmail.com is intended to serve a self-signed 
cert? It's not, and it cannot possibly know it in the general case. Thus it 
must be treated as insecure.

> * Support for a decentralized (blockchain-based, ala Namecoin?) certificate 
> authority

No. Namecoin has so many other problems that it is not feasible.

> Basically, the current CA system is - again, to put this as gently and 
> politely as possible - fucking broken.  Anything that forces the world to 
> rely on it exclusively is not a solution, but is instead just going to make 
> the problem worse.

Agree that it's broken. The fact that any CA can issue a cert for any domain is 
stupid, always was and always will be. It's now starting to bite us.

However, HTTPS and the CA system don't have to be tied together. Let's ditch 
the immediately insecure plain HTTP, then add ways to authenticate trusted 
certs in HTTPS by means other than our current CA system. The two problems are 
orthogonal, and trying to solve both at once will just leave us exactly where 
we are: trying to argue for a fundamentally different system.
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
