What Would It Take To Have Open CA Authorities? 529
trainman writes "With the release of Firefox 3, those who have been using self-signed certificates for SSL now face a huge issue — the big, scary warning FF3 issues which is very unintuitive for non-technical users. It seems Firefox is pushing more websites in to the monopolistic arms of companies such as Verisign. For smaller, especially non-profit groups, which will never have issues with domain typo scammers, this adds an extra and difficult-to-swallow cost. Does a service such as this need the same level of scrutiny and cost since all that is being done is verifying domain and certificate match? This extra hand holding adds a tremendous cost and allows monopolistic companies such as Verisign to thrive. Can organizations such as Mozilla not move towards a model that helps break this monopoly, helping establish a CA root authority that's cheap (free?) and only links the certificate to the domain, not actual verification of who owns the domain?"
Ah, let's just solve that FACTOR problem... (Score:3, Funny)
1. Step 1 - FACTOR algorithm in polynomial time
2. Step 2 - SSL is obsolete, and certificates are pointless
3. Step 3- PROFIT!
Re:CACert (Score:5, Funny)
Or even better, go here [cacert.org], since the above address is an https and Firefox won't accept its self-signed certificate..
Re:It would take.... (Score:3, Funny)
someone with a stuffed wallet. They essentially would have no more room in their pocket to earn money from people who simply want want credentials on their verified, secure web site. Unfortunately that isn't happening soon.
Sounds like a job for Shuttleworth [markshuttleworth.com] then!
Re:FF3 is right (Score:2, Funny)
Hey! 15 dollars buys an awful lot of beans and tortillas, pal [nonstick.com]
Re:CACert (Score:2, Funny)
A few days later, I had SSL certs for those organizations.
A PITA, yes, but by no means a secure system.
https://gmail.com (Score:2, Funny)