CAcert Web of Trust for free SSL and other certificates


James Larkby-Lahet

Jan 22, 2009, 12:56:07 AM
to xo...@googlegroups.com, A. Amer
http://www.cacert.org/

uses a web of trust based on showing government ID to 'assurers'
already in the web of trust. After establishing enough 'links', one
has the credibility to be an assurer, and to issue SSL, email and
other crypto certs.

Dr. Amer and I are both assurers, but we will need to locate other
assurers in the area (via the site), or a local CACert assurance party
to get everyone to maximum capacity. Throwing said party would also
be a way to get assurers here.

This is not only good for avoiding the $$$ verisign charges for such
things, but encourages general cypher-punking and good security
practice. CACert may also make it feasible (a minimal developer, or
at least committer, burden) to link code signing into our Maus
package manager and use a web of trust for packages, patches, and even
individual commits (and their dependencies). Anonymous commits can be
allowed by maintainers but resigned to a low trust non-user status.

cheers,

james

PS -- Dr. Amer, it may be difficult for you to follow this thread
unless you join our xomb google group or everyone remembers to CC
you/reply all :)

Steve Klabnik

Jan 22, 2009, 9:32:20 AM
to xo...@googlegroups.com, A. Amer
> This is not only good for avoiding the $$$ verisign charges for such
> things, but encourages general cypher-punking and good security
> practice. CACert may also make it feasible (a minimal developer, or
> at least committer, burden) to link code signing into our Maus
> package manager and use a web of trust for packages, patches, and even
> individual commits (and their dependencies). Anonymous commits can be
> allowed by maintainers but resigned to a low trust non-user status.

This would of course be assisted by the SHA1 that git provides. One of the things that Linus talked most about was being able to trust that when you put something into git, what comes out is identical.

He promised, so it must be true! Ha. But no, seriously. A trusted SHA1 would be pretty sweet.
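Added example, not part of the thread or of any project code: how git derives object IDs with SHA-1, showing that a commit ID covers its tree, every file's bytes and its parent commits, so a single signature over the commit ID extends to all of them. The file names, identity string and commit messages are constructed for illustration.

```python
import hashlib

def git_object_id(kind: str, body: bytes) -> str:
    """Git names an object by SHA-1 over '<kind> <size>' + NUL + body."""
    header = f"{kind} {len(body)}".encode() + b"\0"
    return hashlib.sha1(header + body).hexdigest()

def blob_id(data: bytes) -> str:
    return git_object_id("blob", data)

def tree_id(files: dict) -> str:
    """Flat tree of regular files: 'mode name' + NUL + raw 20-byte blob id."""
    body = b"".join(
        b"100644 " + name.encode() + b"\0" + bytes.fromhex(blob_id(data))
        for name, data in sorted(files.items())
    )
    return git_object_id("tree", body)

def commit_id(tree: str, parents: list, message: str) -> str:
    """The commit body names its tree and parents, so its id covers both."""
    ident = "Example Dev <dev@example.invalid> 1232600000 +0000"  # constructed
    lines = [f"tree {tree}"] + [f"parent {p}" for p in parents]
    lines += [f"author {ident}", f"committer {ident}", "", message, ""]
    return git_object_id("commit", "\n".join(lines).encode())

def verify_blob(expected_id: str, data: bytes) -> bool:
    """Check on read: the bytes must hash back to the id they were stored under."""
    return blob_id(data) == expected_id

def history_ids(files: dict) -> tuple:
    """Two-commit history over the given files; returns (first, second) ids."""
    first = commit_id(tree_id(files), [], "initial import")
    second = commit_id(tree_id(files), [first], "no-op follow-up")
    return first, second

if __name__ == "__main__":
    files = {"README": b"hello world\n", "main.src": b"entry point\n"}  # constructed
    tampered = dict(files, **{"main.src": b"entry p0int\n"})  # one byte changed
    print(history_ids(files))
    print(history_ids(tampered))  # both ids differ: the change propagates upward
```

The binding holds only as far as SHA-1 resists collisions; the hash identifies content, and the web-of-trust signature is what says who vouches for it.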