Friday, February 24, 2012, 11:47 PM
We must solve the problem that any CA is a single point of failure for the Web's trust, as used by the SSL/TLS protocol.In October 2011 I had published a rough description of a system that I named MECAI, Mutually Endorsing CA Infrastructure.
It took some time to think in more detail about the various aspects, and I'm thankful for the discussions I had with other security experts, who pointed out missing details, problems that still need to be solved, etc.
Now I'm able to announce that I've published (yesterday) a more detailed writeup (version 2), you can find it here:https://kuix.de/mecai/mecai-proposal-v2.pdf
I'm looking forward to your feedback. It might be best to post your feedback to the IETF's mailing list therightkey.
Comments
Add Comment
Comments are not available for this entry.