Web of Trust (a revolution)

[Bruno Wolff III]

On Tue, Mar 31, 2009 at 12:27:08 +0100,
  Bill Crawford <billcrawford1970 at gmail.com> wrote:
> On Monday 30 March 2009 20:12:45 Bruno Wolff III wrote:
> 
> > CAs that charge extra in order to sign certs that have flag set to
> > indicate that they can sign other certs in subdomains should be boycotted.
> 
> This is actually a rotten idea. If you need internal testing systems, or to 
> dynamically create them as needed, or you want to run shared hosting using SSL 
> (as we do for internal testing, since our application requires SSL enabled) 
> then being able to sign your own sub-domains and / or have a wildcard are 
> pretty much essential.

I was complaining about ripping people off by charging exhorbitant amounts
for signing keys, not that people / orgs shouldn't be able to get them.
Verisign does that to protect revenue, not for security reasons.

> > Sites with self signed certs that prevent passive snooping get treated as
> > the same as going to a site without ssl and not triggering all sorts of
> > inappropriate warnings that look scary and make people jump through hoops
> > to bypass them.
> 
> That's a separate issue; it's a pain, but if a "root" CA updates their keys at 
> any point, older browsers / operating systems may well experience a period 
> of "messages popping up telling me they can't verify the certificate" ...

The procedure would be (in a web of trust model) to sign the the new key
with the old key before it expired so that people would normally see the
new key and save it while the old key is still valid.