Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] Need for a OpenNIC TLD CA

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] Need for a OpenNIC TLD CA


Chronological Thread 
  • From: Jonah Aragon <jonaharagon AT gmail.com>
  • To: discuss <discuss AT lists.opennicproject.org>
  • Subject: Re: [opennic-discuss] Need for a OpenNIC TLD CA
  • Date: Fri, 6 Jan 2017 18:10:17 -0600

Obviously Let's Encrypt wouldn't work for OpenNIC domains, but I was looking at their Boulder implementation they designed as a possible solution to certificate issuance. They have an interesting program. And maybe we can adopt some of their policies for our system. Thanks!

Jonah

On Jan 6, 2017 6:08 PM, "Nadia Larsen" <an0n1 AT riseup.net> wrote:
Nadia Larsen wrote:
>> Please have a look at the open source https://letsencrypt.org
>
> Jonah Aragon wrote:
>> Yes, that would be a perfect example, because it's a system that only
>> the
>> TLD operator can access for his (your) domains ;) Therefore you should
>> get
>> an Intermediate CA and use your LDAP system to issue certificates to
>> every
>> domain holder!
>>
>> Although for real, the LDAP system is neat and it would make
>> verifications
>> and a unified login much easier across OpenNIC. If everyone used it,
>> that
>> is.
>>
>> Jonah
>>
>> On Fri, Jan 6, 2017 at 2:42 PM Jeff Taylor <shdwdrgn AT sourpuss.net>
>> wrote:
>>
>>> You mean like the LDAP storage servers which contain all the info for
>>> dyn/free/geek/gopher/indy/oss/parody/pirate domains?  Yes, anyone can
>>> check that information if they have the proper access. And if I
>>> re-enable the whois server, everyone could see the general information.
>>>
>>> On 01/05/2017 05:25 AM, Jonah Aragon wrote:
>>> > Just pointing out nobody can reasonably verify domain ownership
>>> except
>>> > TLD operators. There isn't like a centralized list of registrations
>>> or
>>> > anything ;)
>>> >
>>> > Jonah
>>> >
>>>
>>>
>>>
>>> --------
>>> You are a member of the OpenNIC Discuss list.
>>> You may unsubscribe by emailing
>>> discuss-unsubscribe AT lists.opennicproject.org
>>>
>>
>>
>> --------
>> You are a member of the OpenNIC Discuss list.
>> You may unsubscribe by emailing
>> discuss-unsubscribe AT lists.opennicproject.org
>>
>





--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org





Archive powered by MHonArc 2.6.19.

Top of Page