This is cool, but... their root cert still needs to be installed in order for most web clients to accept certs they sign. As far as web hosting is concerned, this is barely any better off than self-signing.
But there's more to certs than the web and I'd be up for getting involved in this... maybe a few of us could take a road trip before the next meeting?
I haven't joined yet... are there Assurers already in the area? Do you need to be signed more than once to do your own signing?
Once 30 or 40% of the Internet is using the Certs, it will create enough of a force to affect the published certs. They have to be published _somehow_, and it is actually a TON better then self-signed, because rather than 600 million Authorities, we have one, community authority that we can use. Further, most businesses that I work with use SSL Certs, but do not want to buy from Thawte or Verisign. They are looking for a free community run deal, like this.
So, I am going to get a cert. If others of the LUG do, then we can become our own Assurers, and help make ourselves and other a little more secure.
thanks, Joshua
signature.asc
Description: OpenPGP digital signature
_______________________________________________ PDXLUG mailing list [EMAIL PROTECTED] http://pdxlug.org/mailman/listinfo/pdxlug
