Policy-Discussion

[Rasika Dayarathna <dayarathna AT gmail.com>]

Duane wrote:

> Sven Anderson wrote:
>
>  
>
> > As I stated several month ago, IMO CAcert should be just a framework for a
> > community, helping their members to check the identities of each other,
> > and therefore should take as less responsibility as possible.
> >    
>
> I won't comment on everything you've said but there is a lot of reasons
> to do the exact opposite of what you have said, already their is
> discussion about social networks (and CAcert is definitely a social
> network of sorts) to spider out associations with other people and all
> sorts of things you could do with data if this was made open.
>
> So while your intentions might be above board, there is a lot of people
> that would love to get their hands on the sort of data CAcert has beyond
> simple spammers that should never get it in a million years.
>
>  
>
> > BTW: why not putting a certain assurance-level into the certificates,
> > going away from that binary "certified-or-not" principle? We shoudn't run
> > after the "big" CAs, we should just make it better, with new ideas. I
> > guess, if we get popular, just because it works and it's better/more
> > trustful/more transparent than the rest, we will be "in the browsers"
> > faster than we'd prefer.
> >    
>
> I mentioned this earlier but no one really gave much/any feedback.
>  
/ I also agree with this idea.

regards

rasika
/