Re: Seeking officers for Free-software-friendly CA

[Leland V. Lammert]

At 12:40 PM 12/22/99 , you wrote:
>I think a free CA would be great. I really wish there was an acadmic
>institution initiative. A big limitation as far as I can
>see would be getting certs pre-installed into web browsers.
>The chance of either MS or netscape doing this would be close to none.
>If my experience is anything to go by, asking the average user to import a
>CA can be problematic.

It IS going to be a pain - Thawte was the only agency willing to issue a CERT for 
user-compiled code. The only solution that I see is for vendors to self-certify. 
What's the difference between self-certification and a Versign cert anyway?? In the 
first case, the user gets the 'do you trust this site' messages (four in NN), but once 
they accept the cert no problem. In the second case, the user must trust the CA 
(Versign only in the current marketplace), of which they are not aware in most cases.

I created our own cert two years ago, and just renewed it (recreated for another 365 
days) for the second time. Nobody has complained to date!

         Lee
============================================
    Leland V. Lammert                                [EMAIL PROTECTED]
       Chief Scientist                         Omnitec Corporation
   Network/Internet Consultants              www.omnitec.net
============================================
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]