Slashdot Mirror

← Back to Stories (view on slashdot.org)

What Would It Take To Have Open CA Authorities?

Posted by ScuttleMonkey on from the sounds-like-vc-pitch-time dept.

trainman writes "With the release of Firefox 3, those who have been using self-signed certificates for SSL now face a huge issue — the big, scary warning FF3 issues which is very unintuitive for non-technical users. It seems Firefox is pushing more websites in to the monopolistic arms of companies such as Verisign. For smaller, especially non-profit groups, which will never have issues with domain typo scammers, this adds an extra and difficult-to-swallow cost. Does a service such as this need the same level of scrutiny and cost since all that is being done is verifying domain and certificate match? This extra hand holding adds a tremendous cost and allows monopolistic companies such as Verisign to thrive. Can organizations such as Mozilla not move towards a model that helps break this monopoly, helping establish a CA root authority that's cheap (free?) and only links the certificate to the domain, not actual verification of who owns the domain?"

6 of 529 comments (clear)

  1. Ah, let's just solve that FACTOR problem... by tjstork · · Score: 2, Funny

    1. Step 1 - FACTOR algorithm in polynomial time
    2. Step 2 - SSL is obsolete, and certificates are pointless
    3. Step 3- PROFIT!

    --
    This is my sig.
  2. Re:CACert by pablomme · · Score: 5, Funny

    Or even better, go here, since the above address is an https and Firefox won't accept its self-signed certificate..

    --
    The state you are in while your HEAD is detached... - wait, what?
  3. Re:It would take.... by just_another_sean · · Score: 2, Funny

    someone with a stuffed wallet. They essentially would have no more room in their pocket to earn money from people who simply want want credentials on their verified, secure web site. Unfortunately that isn't happening soon.

    Sounds like a job for Shuttleworth then!

    --
    Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
  4. Re:FF3 is right by iminplaya · · Score: 2, Funny

    Hey! 15 dollars buys an awful lot of beans and tortillas, pal

    --
    What?
  5. Re:CACert by Hork_Monkey · · Score: 2, Funny

    2-3 ago I had to request certs for a few clients. Some of those clients couldn't be assed to send me those documents, so I created some fake articles of incorporation.

    A few days later, I had SSL certs for those organizations.

    A PITA, yes, but by no means a secure system.

  6. https://gmail.com by InsaneMosquito · · Score: 2, Funny

    I'm surpised no one mentioned this, but https://gmail.com/gmail.com pops up this alert in FF3, because the certificate is actually for mail.google.com. I'm surprised Google didn't fix this - especially considering how much money they give to Mozilla.