On 3/30/12 4:20 PM, Kevin Chadwick wrote: > Perhaps even a mozilla CA, a Google CA, and a Microsoft CA with an > attacker having to compromise all three to be successful.
Kai proposed something somewhat along those lines, with the browser vendors (possibly among others) being Vouching Authorities (VA). Mutually Endorsing CA Infrastructure https://kuix.de/mecai/ A better forum for "CA alternative" discussions would be the IETF's "therightkey" mailing list. Mozilla can't create an alternative on its own, it will take cooperation and coordination with lots of others. -Dan Veditz _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
