The CA/Browser Forum (aka CABforum) announced a couple of days ago that they would form a WG on “organizational reform”.
Why is this important, I hear you say?
The CABforum has quite a lot of power. This group makes decisions that affect which CAs are chosen for inclusion in default browser trust stores. Currently the group consists of browser and CA vendors. Notably absent are any relying parties.
Here is how to participate (quoted from the cabforum.org announcement):
In support of this process, the special working group is soliciting short (no more than 750 words, please) position papers and statements of interest from organizations and individuals on these topics. We encourage stakeholders to submit their comments to firstname.lastname@example.org now through March 30, 2012. All submissions will be posted publicly on the CA/Browser Forum website. (www.cabforum.org)
Convergence is one of several proposed solutions to the problem of lying and poorly managed CAs. DANE is of course another. I like fighting on multiple fronts, so when rlbob sent me an inspirational email today after listening to Moxie talk about Convergence at #RSAC, I just could not resist it.
To make a long story short, I went and set up a Convergence notary. If you feel like trusting it, feel free to visit https://etc.mnt.se/mnt.notary, but make sure you visit convergence.io and install their Firefox plugin first.
Here then is the rlbob challenge:
The Chrome guy says they can’t use Convergence because the traffic load would be too high for anyone but them to support, and they can’t be the ones to validate pubkeys for their own browser. In steps a worldwide network of registrars run by R&HE using our spare computing power and bandwidth. Let’s do it!
Let's see what happens next!