Geoff Huston from APNIC talked at the RIPE 84 about certificate revocation as a “sanction”. He concludes that the certificate infrastructure is not working, and instead suggests DNS is the answer. You can put keys in the DNS and use TTL to control the caching lag of the information.
How do you see it? What conclusions should we draw from this at CAcert? Write your comment below!
CAcert Inc. board decided with the motion m20140706.3 to apply at the CA/Browser forum  as “Interested Party”. The CA/Browser forum is responsible for the guidelines how to use X.509 certificates.
The reasons are:
- get the latest ideas and hints how the the certificate business is developing
- get the chance to show how CAcert Web of Trust works and that it might be an alternative for the commercial registry authority approach
CAcert nominated Benedikt Heintel as contact person to the CA/Browser forum.