Comment by chmike

11 years ago

Wouldn't this result in putting all the eggs in a single basket?

Besides, as a European, I'm not so excited that such an initiative is under the control of American law. I suspect that American interests will prevail.

Would you like to spell out more explicitly which effects of U.S. jurisdiction you're most concerned with?

I agree that there are several possible effects of jurisdiction on CAs that people could reasonably be concerned with (whether as would-be certificate requestors or would-be relying parties), but I'm wondering which ones are concerning you most.

  • The effect is that the NSA, the FBI or others could obtain the private key of the EFF root CA through legal arm twisting and gagging.

    Certificates are public, so there is no problem with certificate request.

    If the project is US only, then it won't make much difference with the actual situation. It wasn't explicit in the announcement.

  • NSLs? US agencies are legally able to perform MITM attacks under US jurisdiction.