Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] free SSL certs from the EFF



On 11/24/2014 1:52 PM, Matthew Gillen wrote:
> What I would really like to see is a scheme adopted like SPF for mail: a
> TXT DNS entry for your domain that has the CA (or a fingerprint for the
> CA, or maybe the whole public cert).  That way you can be unequivocal
> about who the valid CA for your domain is.

This doesn't solve the problem. All it does is shift your trust chain 
from a certificate authority to a DNS registrar. And maybe not that much 
if your DNS registrar is also your CA.

-- 
Rich P.



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org