> Yes would be great if it was possible to click on the CA name that shows in > the layer that adds the CA names to get more information.
Could you explain that in more detail? I am not entirely sure if I understand it correctly? You want to be able to just click on the name instead of the node? > It's would also be great if ownership of CAs keys/roots was somehow > represented in the visualization, for example: > * "AddTrust External Root CA" should be grouped with "UTN-UserFirst-Hardware" > as both (as far as I know) are COMODO owned. > * "GTE CyberTrust Global Root" is owned by Verizon Yep, you are right about that. I will try to get the information from the Mozilla spreadsheet into the next version. > I also love the other recommendations, some of which that sound great to me > include: > 1. Basic Constraints Path Length restrictions > 2. Use on Name Constraints, aka make it clear that those subCAs are restricted > 3. Make it possible to filter (not just search) the graph by the name of the > entity that owns the CA (aka GlobalSign, Verizon, Comodo, etc.) to allow > excluding some of the larger education networks so the graph is more > explore-able. 1 and 2 already are on my to-to list. 3 generally sounds like a good idea. The "problem" is, that at the moment the layout is fixed and not done by the web-interface (I had an earlier version where they were layed out directly in javascript using a force-based algorithm - but that didn't really look that good). In any case at the moment just filtering would leave big holes in the graph. Bernhard
