Re: Mozilla CA Management Tool

Sun, 27 Apr 2008 11:16:05 -0700 

Frank Hecker:



I'd be interested in your thoughts about what such a tool should do. 
We've been evolving over the years in terms of what and how much 
information we keep about CAs, and certainly the system we have now is 
far from perfect.
  



Basically I'd first of all automate much tracking and other manual work 
(such as statuses of CAs (and generation of their pages), auditing, 
reporting etc) so what we have a reliable tool for that. Besides that we 
could harbor important information about each CA at known places 
(through the management tool) which would allow for efficient processing 
of everything (including history).



Note that one key interest of mine is finding ways for more people to 
contribute information about CAs without having to have one person 
(e.g., me) do all the work in publishing that information. 



Yes, I think easy access to information is key for that. I'd certainly 
would work to establish that....



We'd 
previously discussed keeping CA-related information on the 
wiki.mozilla.org site, but Nelson and other had (IMO legitimate) 
concerns about having things like certificates and SHA-1 fingerprints be 
on a site that anyone could easily modify.
  



In respect of that, I'd suggest a dedicated system (server) which would 
have strict access controls in every respect (including the management 
utility). I could offer to build and host such a system at a well 
secured locality for a domain like https://ca.mozilla.com/ or 
alternatively to have that system at Mozilla (but dedicated server). 
Obviously I have lots of knowledge in this field and I'm ready to offer 
this utility from A-Z (except the physical server if hosted at Mozilla). 
However I wouldn't accept a virtually hosted system (aka vmware) which 
Mozilla does often.


--

Regards 


Signer:         Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber:         [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog:   Join the Revolution! <http://blog.startcom.org>
Phone:          +1.213.341.0390



_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto






















					Reply via email to