[Freedombox-discuss] Crypto questions
Jaromil
jaromil at dyne.org
Mon Apr 25 18:42:43 UTC 2011
hi Sandy,
On Sat, 23 Apr 2011, Sandy Harris wrote:
>
> Arguably, the whole certificate infrastructure for SSL is broken
> beyond repair. My /etc/ssl/certs has 289 Certificate Authorities
> listed. These are not just people I am expected by default to trust;
> they can sign certificates that make me trust others.
>
> Among other problems, many CAs are run by government agencies, some
> by governments with policies antithetical to the box.
I'm not sure if you heard of FOAF+SSL before, to me it seems a good
way to go, see http://www.w3.org/wiki/Foaf+ssl
FWIW here is my contribution for a solution that secures GNU/Linux
users' desktop with fairly strong encryption and educates them to keep
their keys separated: http://tomb.dyne.org (it comes from a system
already working in dyne:bolic 10 years ago which was already very
useful in some crisis zones..)
ciao
--
jaromil, dyne.org developer, http://jaromil.dyne.org
GPG: B2D9 9376 BFB2 60B7 601F 5B62 F6D3 FBD9 C2B6 8E39
Send bitcoins to: 1EJYtvuq39hoWcventcnnvhPXh6i5QDReM
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 1530 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110425/3ddaddd7/attachment.pgp>
More information about the Freedombox-discuss
mailing list