5 aug 2011 kl. 20:19 skrev Lucas Gonze:
> I haven't read far enough to know - that's somebody else's project, not my own.
> One reaction I have is that it's high time to acknowledge that the value of certificate authorities is a fiction. Self-signed certificates are all you ever need. Or am I wrong? Are you aware of any value added by the canonical root certificate authority?
The IETF is looking into using DNSsec as a secure root for your own self-signed certs. That's a valid way forward.