James G. Sack (jim) wrote: > John H. Robinson, IV wrote: > > James G. Sack (jim) wrote: > >> Let's have a KPLUG (self-signed) CA > >> > >> KPLUG can/will sign member certs > > > > CAcert already does this, I am a CAcert assurer, and CAcert root > > certificates already exist in open source browsers. > > OK. it turns out I "joined" some time ago, but forgot about it and never > did anything else (until you reminded me by your message here). > > So are you the "John R" shown as an assurer near San Diego?
Yes, I am. > OK, I've got cacert email account(s) and a client cert. > > What do I do next to participate in the trust-thing? There is this form that is filled out, the client signs it, and the assurer assigns the points and keeps the form for at least seven years. > Can you sign something for me (& others) at the upcoming gpg key-signing. Yep. > Should everybody become an assurer? Once you have enough points (50? 75?) you automatically become an assurer. You are under no obligation to actually assure anyone, though. That keeping onto a paperwork for seven years may be daunting for some. > > I contend that this is a solved problem. I do not see the value-added > > with KPLUG trying to be a CA. > > Well, at least we ought to get a kernel-panic.org server cert, eh? Probably. I can work with Neil to make that happen. -john -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-steer
