[linux-elitists] SSL security certificates

Aaron T Porter atporter@primate.net
Thu Apr 10 15:52:01 PDT 2003

On Thu, Apr 10, 2003 at 03:30:52PM -0700, Rick Moen wrote:
> And before someone suggests it yet again:  The biggest reason there
> isn't a cheap or free geek collective to run a certificate authority
> with the aim of getting it included in common Web browsers is legal
> liability.

	While being included in common web browsers may not be a
reasonable/desireable goal, I have been thinking about setting up a "free
geek collective" certificate authority. 

	What I'm imagining is a system that uses a PGP/GPG ring of trust
to establish identity and then building some sort of a "Six Degrees"
social network to establish the validity of a certificate request. I'm
still not 100% certain that a reliable network of trusted friends would be
large enough to be of general use or if opening a private group certificate
authority to the public is a fantastic idea, but I'm think it might work.

More information about the linux-elitists mailing list