Why does Tor have to setup an official CA and passing some audits? Are they even public? And why should Tor even rely on that broken CA system? In my opinion a self signed certificate is the best way at the moment to ship. The tor developers should invest some time in the CA topic after Tor becomes a well-known and accpeted network. ~Josef Am 03.01.2015 um 00:06 schrieb Moritz Bartl: > On 01/02/2015 06:03 AM, Virgil Griffith wrote: >> Being a CA for .onion seems a reasonable thing to be. Should someone >> already part of the Tor community like torservers.net become that CA? > I don't think becoming an official CA (ie. passing the audits required > for inclusion in major browsers) is something we should spend our > already limited time on. >
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk