> > > > How about a TXT record with the CN string of the CA cert subject in > > > > it? If it exists and there's a conflict, don't trust it. Seems > > > > simple enough to implement without too much collateral damage. > > > > > > Needs to be a DNSSEC-validated TXT record, or you've opened yourself up > > > to attacks via DNS poisoning (either insert a malicious TXT that > > > matches your malicious certificate, or insert a malicious TXT that > > > intentionally *doesn't* match the vicitm's certificate).... > > > > And how do you validate the dnssec to make sure that noone has tampered > > with it. > > Since you are from Sweden, and in an IT job, you probably have personal > relations to someone who has personal relations to one of the swedes > or other nationalities that were present at the key ceremonies for the > root. Once you've established that the signatures on the root KSK are good > (which -- because of the above -- should be doable OOB quite easily for > you) you can start validating the entire chain of trust. > > Quite trivial, in fact.
and how about a end user, who doesn't understand a computer at all, to be able verify the signatures, correctly? -- //fredan