What Would It Take To Have Open CA Authorities?

trainman writes "With the release of Firefox 3, those who have been using self-signed certificates for SSL now face a huge issue — the big, scary warning FF3 issues which is very unintuitive for non-technical users. It seems Firefox is pushing more websites in to the monopolistic arms of companies such as Verisign. For smaller, especially non-profit groups, which will never have issues with domain typo scammers, this adds an extra and difficult-to-swallow cost. Does a service such as this need the same level of scrutiny and cost since all that is being done is verifying domain and certificate match? This extra hand holding adds a tremendous cost and allows monopolistic companies such as Verisign to thrive. Can organizations such as Mozilla not move towards a model that helps break this monopoly, helping establish a CA root authority that's cheap (free?) and only links the certificate to the domain, not actual verification of who owns the domain?"

Re: Counter to "Recommend Firefox"

[TaoPhoenix]

Anyone know the IE status on this? Did they buy themselves out of a warning, or some such? It's totally down Microsoft's alley to trick Firefox into screaming "LittleGuy.com suxxors t3rr0rIsts" while IE cruises along, users shrug and say "uhh... well, works for me when I use MS..."

Re:CACert

[smilindog2000]

Wow... what great security. I just certified myself to be "Lord God" at cacert.org. Maybe I'm missing something, but isn't this suppose to add some level of trust?