I forgot to mention, I am aware there are two similar mechanisms:

"Perspectives": http://www.cs.cmu.edu/~perspectives/firefox.html
"Certificate Patrol": https://addons.mozilla.org/en-US/firefox/addon/6415

According to my analysis, my proposed mechanism has the following advantages:

* Easier to use: no interaction with the user is required
* Better chance to catch the rogue certificate
* Inform the general public of the incident, provide evidence to punish the rogue CA

But I may be subjective, so please comment on the idea; if you think it's really better, I'll implement it.

--
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto

