15 June 2001

Doing a bit more work on libglade2. It is still broken,
but getting less broken as time goes on. Should get it so
that the build completes to keep Sander
happy :)

Since we are starting to get a number of functional free
web browsers, I had the idea that it might be a good idea to
create a Certificate Authority for free software projects
and people and get its CA cert preloaded in browsers like
Mozilla.

Why do people use CAs like Verisign? Because people
trust them (rightly or wrongly), and their certs are
preloaded in almost all browsers so users don’t see a
disturbing dialog pop up when going to the site.

The free software community is probably in a better
position to verify the identity of people requesting
certificates. A group like Debian which already has a
strong web of trust between developers could set up a CA.
Requiring that certificate requests be GPG signed by a
debian developer who has positively identified the requestor
before issuing a certificate might provide a good balance
between security and ease of acquiring certificates.

Having the CA certificates preloaded in free browsers
such as mozilla, konqueror, etc would place them on an equal
footing with the existing CAs. Debian as a CA is just an
example, as they already have some of the infrastructure in
place for identifying people. It shouldn’t be difficult to
get CA certs added to free web browser’s databases. It
probably shouldn’t be limited to just free software related
CAs either.

Another interesting idea would be to setup (or adopt an
existing) alternative root zone that included a number of
TLDs related to free software (eg .gnu, .bsd, etc) along
with the existing ICANN and country code TLDs. If the major
distros shipped their nameservers pointing at this
alternative root, those TLDs would be usable (and not just
to Linux/BSD boxes — think about how many windows boxes
just forward all DNS requests to a Linux or BSD box for
resolution).

Both ideas would take quite a bit to get off the ground,
so probably won’t happen unless someone is really motivated
to do it.