On 04/29/2014 05:31 PM, Jan Lühr wrote:
- By advertising certs to be "non-free" and putting the actual price tag
on it, alternate CAs like CAcert might get a boost in popularity,
emphasizing their importance for global internet security. At the
moment, many people skip CAcert in favor of StartSSL, cuase they just
can get a "free" certificates in major browsers.
I'd like to live in a world, were revocation is without any hassle an
Community Driven CAs like CAcert are providing security for sites to be
interested in.
And lets assume CAcert would gain that popularity - how do you expect
that to be financed exactly? Do you really believe this could be
sustained with ideology?
I suspected that there are a few CAcert groupies around here with this
discussion ;-)
But I tell you a little unknown secret, the first time I heard about
charging for revocations it was exactly from the folks like Duane and
later Ian. You can ask them and they might even confirm it, because they
too were looking for solutions to a problem.
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: [email protected] <xmpp:[email protected]>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
