We have currently 3 CA's approved by our government to operate, and the digital signed documents using their certificates has legal validity.
My concern about adding certs of this sort is: what happens when CAs approved by the US government want in? Or the Cuban government? Or the Chinese government? I can think of groups of people who would object to all three.
Several discussions recently have made me think that we need a metadata system for root certs - high/low assurance (for want of better words), etc. We could also have a domain whitelisting system where, for example, the Chileian-government-approved CA was only enabled for .cl domains.
Gerv
_______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
