[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Soliciting Applications and Nominations for the SPI Board



On Tue, Nov 19, 2002 at 09:06:47AM -0600, Steve Langasek wrote:

> On Mon, Nov 18, 2002 at 03:33:53PM -0500, Matt Zimmerman wrote:
> > On Mon, Nov 18, 2002 at 12:09:08PM -0700, Bdale Garbee wrote:
> 
> > >   The tasks include but are not limited to:
> > > [...]
> 
> > Another good task might be to arrange for a verifiable certificate for the
> > https services at spi-inc.org?  Currently, it seems to have an expired
> > certificate for a different hostname issued by an unrecognized CA (Wichert).
> 
> By 'verifiable', do you mean using one of the universally-recognized web
> CAs, or would it be an option to create an SPI (or Debian) CA whose CA
> cert is shipped with Debian and usable by default?

By 'verifiable', I mean a certificate which can be verified, by whatever
means, to belong to SPI, modulo a reasonable doubt.  Given the policies and
(lack of) secure certificate distribution by the commercial CAs, I've no
doubt we could do better, but I have some doubt that we have justification.

But this was more a snide remark than anything; it's not as if the SPI
website is processing financial transactions, but it does use SSL
for some forms.

-- 
 - mdz



Reply to: