@BenLaurie @agl if CAs are too-big-to-fail, should TLS use m-of-n certificates for redundancy? E.g. server_cert with 3 ECDSA certs.
Bah, yep! I'm just thinking that auto-renewal makes it even harder for a customer to fire their CA.
-
-
Ah. So, I was thinking standards-based renewal (e.g. ACME) from a panel of CAs. Panel would presumably be live sourced. :-)
-
That works too, but maybe is cartelism. m-of-n might be better at letting a market work. .
- 5 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.