On Wednesday 23 March 2011 09:46:26 Bernhard Reiter wrote: > As for the CA safety: This is an important issue. I think two things > should happen: We need an initiative to evaluate root CAs and publish > lists. Also I think we should create a Free Software certificate checker > that also uses these list, e.g. something like Gpg4win (I am one of the > makers of Gpg4win).
Since there seems to be some interest in the topic, here are some latest news and an intersting blog post: https://blog.torproject.org/blog/detecting-certificate-authority-compromises- and-web-browser-collusion It also shows how two Free Software browsers handle the problem of certificate revocation in a secret and not very trustworthy way. I agree with Bernhard and the author of the blog post that we need better tools "for ensuring trust, identity, authenticity, and confidentiality on the internet". Torsten
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Discussion mailing list [email protected] https://mail.fsfeurope.org/mailman/listinfo/discussion
