W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: A proposal

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Wed, 20 Nov 2013 12:19:46 +1300
To: ietf-http-wg@w3.org
Message-ID: <26ba0f0e4155b08bca03dda28123a729@treenet.co.nz>
On 2013-11-20 11:15, Adrien de Croy wrote:
> even if a cert is $0 it is not zero cost.
> 
> Time and effort are not free.
> 
> All these options involve an ongoing management/maintenance cost as 
> well
> 
> And are we really proposing the internet should be built on certs from
> free cert providers?  How will they stay in business or the certs
> remain free once the demand for free certs is multiplied by several
> orders of magnitude?

DANE.

* generate your own CA certificate.
* have your DNS provider sign it as part of your DNSSEC signed zone 
records
* profit


Payment (of lack of it) will be part of your contractual agreement with 
DNS provider and avoids the CA authority mess currently blighting trust 
in TLS.


Amos
Received on Tuesday, 19 November 2013 23:20:12 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC