Slashdot Mirror

← Back to Stories (view on slashdot.org)

What Would It Take To Have Open CA Authorities?

Posted by ScuttleMonkey on from the sounds-like-vc-pitch-time dept.

trainman writes "With the release of Firefox 3, those who have been using self-signed certificates for SSL now face a huge issue — the big, scary warning FF3 issues which is very unintuitive for non-technical users. It seems Firefox is pushing more websites in to the monopolistic arms of companies such as Verisign. For smaller, especially non-profit groups, which will never have issues with domain typo scammers, this adds an extra and difficult-to-swallow cost. Does a service such as this need the same level of scrutiny and cost since all that is being done is verifying domain and certificate match? This extra hand holding adds a tremendous cost and allows monopolistic companies such as Verisign to thrive. Can organizations such as Mozilla not move towards a model that helps break this monopoly, helping establish a CA root authority that's cheap (free?) and only links the certificate to the domain, not actual verification of who owns the domain?"

2 of 529 comments (clear)

  1. Re:Not the first one... by MadHakish · · Score: 0, Redundant

    The Marine's call that "stupid stubborn" and for your sake be glad your not in the Marines.

    I'd say the fact you only make $200/year profit is your bigger concern. Learn to monetize your offering and buy a certificate, but don't refuse to recommend a superior browser because *you* are too cheap to operate like every other sensible website handling secure info. I'm shocked people buy anything from you without a proper signed cert.

    This is not a new problem and never has a browser simply accepted self-signed certificates without displaying a warning - the problem is that assholes out there hijack domains and run CC phishing scams on and steal peoples info/identities - by not using proper security measures on your e-commerce site you are actually a big part of the problem. I'm amazed you have any customers at all... The fact you only make $200/year should give you a clue.

    --
    Wisest is he who knows he does not know.
  2. Re:A difficult and hard to swallow cost? by jjhall · · Score: 0, Redundant

    The thing is they shouldn't have to swallow $50 a year for something that should be free. And $50 for a non-profit organization that already may be up against a tight budget, that $50 takes away from something else they could have done.